Taxes, Security & Developer News
As always, we are hard at work to bring the best in class solutions to the #Bitcoin and International communities. Some exciting new products are on the horizon, so make sure to keep your eyes peeled. Until then, here are some updates in the Bitcoin industry to keep those financial appetites satiated.
It’s tax season in the USA, so allow us to mention our tax partner, http://gocheto.com. Since the IRS decided to treat bitcoin as an asset, US citizens who bought bitcoin in 2014 before the price decline might be able to file for a “capital loss” tax break up to $3000 max.
Since keeping your existing bitcoin safe and secure is crucial, we feel obliged to comment on yet another exchange “hacking.” BTER.com lost over 7170 bitcoins around February 14, issued a single, one-line statement, “… bitcoins got stolen from our cold wallet…”
So “How can Bitcoins get stolen from a cold wallet?” you ask. From a discussion on a bitcointalk.org thread, it seems that BTER used the term “cold” in a loose sense, as in “currently offline”, as opposed to the strict definition – that the private key has neither transferred via the internet nor been stored on an internet-connected device even once. The bitcointalk thread participants discussed various theories, wondering if BTER made a rookie mistake of low-entropy key generation, as well as debating the possibilities of social engineering or an inside job. No matter which explanation you go with, it does not inspire confidence in BTER, which just a few months earlier lost some of its NXT alt-coins.
The story is a painful reminder not to store more bitcoin on an exchange than you plan on trading in the near future, while we still await a viable decentralized exchange.
While we’re on the topic of cold storage, please see the short slideshow by Armory Wallet on how to send bitcoin from a (true) cold wallet via offline transaction signing. Even if the computer connected to the internet is compromised, the hacker or malicious script cannot steal the private keys stored on the offline computer. Note the Armory team did not invent offline signing – it comes standard with the Bitcoin protocol, just like multi-sig, if only via a command line interface. Applications like Armory add a graphic user interface and streamline the process so the rest of us can start getting into the habit of using the security advantages at the core of Bitcoin.
As the Bitcoin industry matures, best-practice, standard-setting professional organizations of developers being to emerge. One such professional organization is the Canada-based Crypto Currency Certification Consortium (C4), which has recently come up with a Cryptocurrency Security Standard (CCSS) draft proposal. The draft calls for 10 standardized approaches for programming things like key and seed generation, storage and usage, proof-of-reserve and security audits, among other areas.
Note that C4 also offers a certification program that does not require coding skills – earned by mastering a multiple choice test.
Meanwhile, the Bitcoin core developer team has released a new version of the Bitcoin Core (Bitcoin-Qt) client, 0.10. As usual, the upgrade is not a flashy interface but rather stability improvements of the basic features, such as downloading and parsing blocks of the blockchain from its peer nodes more efficiently than the previous versions did, so a new instance of the Client takes hours, not days to setup.
The Bitcoin Core client is an example of a Bitcoin full node, of which there are thousands, although there used to be more in 2012-2013. The decentralization of Bitcoin, including preventing double-spending, emerges from an abundance of full nodes – not just a variety of miners. Hence, we can alway use more full nodes. You can run Bitcoin full node on your laptop. The Bitcoin-Qt client also comes with a basic wallet UI. Since the node can’t run when your laptop is offline, there are also ways to run a full node in the cloud or on a machine that you don’t mind leaving on 24/7. Here’s a technical article on the many ways you can run a Bitcoin full node. If you’d rather pay someone else to run full nodes, check out http://fullnode.co/.
Lastly, the big Bitcoin adoption news since our last newsletter is Stripe. After over a year of testing, Stripe has officially made their payment API Bitcoin-friendly. Now we just need Stripe’s merchant partners like Facebook, Lyft and Sidecar to pass the Bitcoin payment option to the consumer
If you enjoyed the article, please make sure to leave a comment below, share us on twitter, or like us on facebook. Until next time, stay classy Bitwagers!
Photo by John Bakator on Unsplash