¢oinpunk Blog

May 11th, 2014

Preventing a Bitcoin Heartbleed

Kyle Drake

I wanted to give an update on what I've been working on in relation to the Coinpunk project.

Crowdfund campaign

During the crowdfund campaign, we managed to raise about $10,000 USD. To everyone that contributed: Thank you so much! We will be working on getting the merch sent out soon, so stay tuned for that. We didn't quite reach our goals for the campaign, and it's made us change our plans a little bit (which I'll talk about in this post), but every cent helps. It never ceases to amaze me how generous the Bitcoin community is. Again, thank you so much. Let me dive right in and tell you what we've been working on.

Dealing with Bitcoin's infrastructure code rot

I was recently on a startup panel at Inside Bitcoins in NYC. There, I noted my concern that there was some rot forming in the open source side of the Bitcoin world. The observation was that there has been a lot of funding for startups (in the tens or perhaps hundreds of millions), and at the same time, a lot of the Bitcoin open source projects were faltering, not being actively maintained, and really having a hard time securing funding.

I got the impression my warnings seemed a little odd when I mentioned this, so in a weird twist on what became every sysadmin's nightmare for a few weeks, I felt pretty validated when not more than 8 hours later, OpenSSL Heartbleed broke out. OpenSSL is a similar story - it's a very old open source project that a lot of people depend on, and has fallen into disrepair due to lack of funding and support. The incredibly talented OpenBSD team has recently forked OpenSSL into a separate project called LibreSSL, and are working to clean up the mess that is OpenSSL (you can see a chronicle of the madness here). And despite the fact that OpenBSD is working on this (and other incredibly important contributions like OpenSSH), they too are having similar problems raising funding to work on these projects. Open Source can be a pretty tough world sometimes, unfortunately. But we all continue to work on it, in our own way, because we believe in it. We believe that this is the best way to write useful software that people can really trust, and in the process help everyone in the community.

There was a particular project in the Bitcoin world that was worrying me for a while, and that was bitcoinjs-lib. Bitcoinjs-lib is an amazing JavaScript library that is being used in over 1.5 million wallets in production, today. Coinpunk uses it, as does Blockchain.info, BitAddress, GreenAddress, and now Dark Wallet. It hadn't been maintained in a few years, and instead people were using a lot of random forks with bugfixes of varying quality. There were bugs in some of these forks (some of them were pretty ugly, and could have led to loss of Bitcoins or theft due to RNG and other issues).

I decided that, instead of going full-steam-ahead with the next version of Coinpunk, it made more sense for me to go back for a while and work on cleaning up this library. By working on bitcoinjs-lib, I'm not just helping the next version of Coinpunk, I'm helping the entire Bitcoin community, which has always been the goal of this project. I found the cleanest forks, merged them together, and pushed them back into the bitcoinjs-lib repo. From there, a team of awesome contributors (Wei Lu and Daniel Cousens, and many other one-time contributors) have joined and done some great work improving the library. Once we finish our bitcoinjs-lib refactorings, then I'll start looking into the next version of Coinpunk. It delays things a bit, but if it makes the overall Bitcoin ecosystem better, I think it's the right thing to do.

The next version of Coinpunk

I've learned a lot from working on the first version of Coinpunk. One of the lessons I've learned is that storing anything relating to Bitcoins on a server, even if the data is encrypted, is a pretty bad idea, for many legal, ethical, and technical reasons. Deriving wallet encryption keys from passwords with PBKDF2 in the browser does not provide the level of security I think people should expect from a Bitcoin wallet. The iteration count is simply too low, which is a result of poor support for performance-optimized cryptography in web browsers. It doesn't matter if you store encrypted wallets on the server if your PBKDF2 iteration count is so low that people can brute force them open with specialized computers.

That's why for the next version of Coinpunk, we're planning to switch things around a little bit. The next version of Coinpunk will be HD-wallet based, which uses a mnemonic string to re-create your keys in a way that you can back up by writing down the string on a piece of paper, and putting it in a safe place (or perhaps something similar to BIP38 to also add a password to that string). I like this solution more, because it reduces dependency on server reliability, and prevents a lot of weird bugs I've seen where some browsers will just fail to do things they're supposed to do with no reasonable explanation. It also dramatically increases security, because HD wallets are seeded with an (at minimum) 128-bit key. This is far more security than the current Coinpunk provides.

As a result, I've decided that once the next Coinpunk is finished, we will be making it into browser plugins (or standalone executables for OSes), with an optional wallet running on a static HTML page that does not talk to the server except to receive transaction information and exchange prices. This will still work with iOS phones, but instead of storing the wallet on the server, we will be using the mnemonic string as the backup, and users can simply enter that into their phones to use their wallets on multiple platforms. The current plan is to build a server that can scan and index the blockchain for information we need to run the wallet, and then the wallet can ask the server for this information when it needs it. It's important that our solution works with altcoins, and not just Bitcoin, so we'll probably be working on a solution that involves the bitcoind RPC API (which all the altcoin forks support), but handles the indexing in a separate daemon rather than depending on a patched version of bitcoind, as Coinpunk currently does.
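As an added sketch of the indexing daemon described above (not Coinpunk's code, and not what the project ended up shipping), here is a Node.js indexer that needs nothing from bitcoind beyond the stock JSON-RPC calls getblockcount, getblockhash, getblock and getrawtransaction with verbose output, which every altcoin fork inherits. The HTTP transport is replaced by an in-memory fake backed by a constructed two-block chain; the block hashes, txids and addresses are placeholders shaped like bitcoind's responses, not real chain data.

```javascript
// Constructed two-block chain. Block hashes, txids and addresses are placeholders
// shaped like bitcoind's JSON-RPC responses, not real chain data.
const FAKE_CHAIN = {
  hashes: ['blockhash-0-placeholder', 'blockhash-1-placeholder'],
  blocks: {
    'blockhash-0-placeholder': { tx: ['txid-A-placeholder'] },
    'blockhash-1-placeholder': { tx: ['txid-B-placeholder'] },
  },
  txs: {
    'txid-A-placeholder': {
      txid: 'txid-A-placeholder',
      vin: [{ coinbase: '00' }],
      vout: [{ n: 0, value: 25.0, scriptPubKey: { addresses: ['addr-alice-placeholder'] } }],
    },
    'txid-B-placeholder': {
      txid: 'txid-B-placeholder',
      vin: [{ txid: 'txid-A-placeholder', vout: 0 }],
      vout: [
        { n: 0, value: 10.0, scriptPubKey: { addresses: ['addr-bob-placeholder'] } },
        { n: 1, value: 14.9999, scriptPubKey: { addresses: ['addr-alice-placeholder'] } },
      ],
    },
  },
};

// Stand-in for the JSON-RPC transport. A real daemon would POST {method, params}
// to bitcoind over HTTP with RPC credentials; the method names and result shapes
// here follow getblockcount, getblockhash, getblock and getrawtransaction <txid> 1.
function fakeRpc(method, params) {
  switch (method) {
    case 'getblockcount': return FAKE_CHAIN.hashes.length - 1;
    case 'getblockhash': return FAKE_CHAIN.hashes[params[0]];
    case 'getblock': return Object.assign({ hash: params[0] }, FAKE_CHAIN.blocks[params[0]]);
    case 'getrawtransaction': return FAKE_CHAIN.txs[params[0]];
    default: throw new Error('unsupported RPC method: ' + method);
  }
}

// Older bitcoind reports scriptPubKey.addresses (an array); newer versions report
// scriptPubKey.address. Accept both so the indexer is not tied to one daemon version.
function outputAddresses(vout) {
  const spk = vout.scriptPubKey || {};
  if (Array.isArray(spk.addresses)) return spk.addresses;
  if (typeof spk.address === 'string') return [spk.address];
  return [];
}

// Amounts are kept as integer satoshis; bitcoind returns BTC as a decimal,
// which must never be summed as a float.
function toSatoshis(btc) {
  return Math.round(btc * 1e8);
}

// Walk blocks fromHeight..toHeight over plain RPC and build
// { address: [ { txid, vout, satoshis, spent } ] }. An outpoint table lets later
// inputs mark earlier outputs as spent, so the index yields a UTXO view.
function buildAddressIndex(rpc, fromHeight, toHeight) {
  const index = {};
  const byOutpoint = {};
  for (let height = fromHeight; height <= toHeight; height++) {
    const block = rpc('getblock', [rpc('getblockhash', [height])]);
    for (const txid of block.tx) {
      const tx = rpc('getrawtransaction', [txid, 1]);
      for (const vin of tx.vin) {
        if (vin.coinbase !== undefined) continue; // coinbase inputs spend nothing
        const prev = byOutpoint[vin.txid + ':' + vin.vout];
        if (prev) prev.spent = true;
      }
      for (const out of tx.vout) {
        const entry = { txid, vout: out.n, satoshis: toSatoshis(out.value), spent: false };
        byOutpoint[txid + ':' + out.n] = entry;
        for (const addr of outputAddresses(out)) {
          (index[addr] = index[addr] || []).push(entry);
        }
      }
    }
  }
  return index;
}

// What the static wallet page actually asks the server for: spendable balance.
function unspentSatoshis(index, address) {
  return (index[address] || []).filter((e) => !e.spent).reduce((sum, e) => sum + e.satoshis, 0);
}

function demo() {
  const index = buildAddressIndex(fakeRpc, 0, fakeRpc('getblockcount', []));
  return {
    alice: unspentSatoshis(index, 'addr-alice-placeholder'),
    bob: unspentSatoshis(index, 'addr-bob-placeholder'),
  };
}
```

Because the daemon only reads from bitcoind, it never needs the node's wallet or a patched build, and a chain reorganisation can be handled by re-scanning from the last height whose hash still matches; that re-scan logic is left out here.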

Collaboration with Skyhook, the Open Source ATM

I've also been working closely with Bitcoin startups in Portland, Oregon to help establish a local presence for Bitcoin, one that values our local tech community principles of being fair, honest, ecosystem-oriented and open source. I've recently started collaborating with Project Skyhook, which is a great group of people that are working on the first sub-$1000 Bitcoin ATM. We're planning on making this a completely open source ATM (the source code will be released a few days from now). The ATM is designed in such a way that you'll be able to review the entire source code for the project, and modify it for your needs. I'll be helping to promote the ATM, and also doing some work on the backend code to improve the user's ability to choose their own backends. The work they need here is very complementary to what Coinpunk needs, and a lot of the code I build for the next Coinpunk will fit very nicely into their needs as well. It's a good fit, with people that share my values about being transparent and open source, and also makes me less dependent on donations to pay for living expenses, while allowing me to help make it easier for people to buy Bitcoins (a major problem right now). It's a win-win.

The Skyhook ATM is not pre-order or vaporware. Project Skyhook is shipping ATMs, right now. If you're interested in using open source software to help people buy Bitcoins, be sure to check out the web site. If you'd like to see the unit in action, we'll be attending Bitcoin 2014 with some Euro-accepting Skyhook ATMs. Feel free to ping me or Tim (the co-founder), who is also going to be on a Bitcoin ATMs panel on Friday at 3:30PM. Be sure to stop by!

Lots of Work Ahead

It's tough work, and there's a lot to do. But I think it's worth it, and it sows the infrastructural seeds for the long-term success of Bitcoin (and other crypto-currencies) in the future. When Bitcoin becomes safer and more accessible for everyone, we all win. Thank you for all your support over the last year, it means a lot.

See you on the moon.

-Kyle

PS: It's Mother's Day. Call your mother.

Feb 24th, 2014

Coinpunk desperately needs more funding

Kyle Drake

There's been a lot of talk lately about open source funding issues in the Bitcoin community, and I wanted to chime in, since Coinpunk is a completely open source, donation-driven project, and right now we're experiencing similar troubles.

The Problem

Coinpunk is an ongoing project to build an open-source HTML5 wallet. Because it's an HTML5 wallet, it works on anything that has a web browser (all desktops and phones), and Apple can't ban it from iPhones. We're not vaporware - we have a solution that works right now.

But unfortunately, it's not going to work long term in its current form. We've seen a large spike in users and interest, and we need to make some serious infrastructure improvements to be able to continue scaling. We need to improve ease-of-use, security, testing, developer library support, feature capability, reliability, code re-use, and scalability. And like everyone, we've got bills to pay: servers aren't free, and neither is food and rent for developers that really want to contribute more, but can't afford to work for free. As things are, we're having trouble keeping up. It's a serious threat to the long term success of the project.

To address this problem, we have been running a crowdfund campaign to help cover our funding requirements, and get some people onboard to help us build the next version of the platform.

But despite the contributions from great people we've gotten so far, we are falling very short on our goals for funding. We are having similar problems with getting open source funding that core Bitcoin is experiencing, and it's getting pretty worrisome, both for our continued work on Coinpunk, and for the Bitcoin ecosystem as a whole.

Part of this (perhaps most of it) is my fault - I was too busy keeping up with Coinpunk to put together a really polished crowdfunding video (it's just the video of me being a dork at Subway), and I'm learning quickly that I'm better at code than at promotion. For my role in this problem - I'm sorry, and I will try to do better for you in the future.

A lot of it I think is due to Bitcoin prices - people were a lot more generous when prices were going up. I think a lot of people are feeling the sting, and so are less keen to donate. Having felt the same sting (on a project and personal level), I completely understand.

A major part of this problem is also that big-time Bitcoin donors didn't show up. Almost all of our contributions have been small contributions - don't get me wrong, I'm very happy about that, because it means we have a lot of popular support from people that really care about Bitcoin (seriously, I love you all so much.. thank you).

But just like with politics, it's the big donations that provide the real backbone to make things work. If you're a miner/techie/investor/fund/startup that has a lot of bitcoins saved up, please consider contributing. A little for you goes a long way over here. If there's things you would like us to focus on in return, tell us about it. If it's a good fit for everyone, I will personally make sure it gets done.

Bitcoin is a startup, and you are an investor

There is tons of money available for startups, which makes it strange that it's so hard for open source projects within Bitcoin (including the official Bitcoin project) to raise funding. I'm not really sure why, but I want to emphasize: It's very important that people investing in specific startups in the Bitcoin ecosystem also invest in the ecosystem itself right now. If your startup fails because Bitcoin fails, so does your investment.

Right now, Coinpunk is the only Bitcoin wallet that works on an iPhone. That's 40% of the US market, and 12% internationally. When Bitcoin apps get banned, it harms the Bitcoin ecosystem, and therefore the price. If almost half the United States can't use Bitcoin on their phones, that means fewer people get interested in using Bitcoin personally. It also means fewer people buy things at shops that accept Bitcoin, which slows merchant interest, which continues the self-reinforcing downward spiral.

As the only wallet that works on the iPhone, Coinpunk is currently the only solution for this problem. I don't want it to be this way (I want a diverse and healthy ecosystem), but I've inherited this problem, and now I need to responsibly deal with it. I was actually planning on joining another startup (you've heard of) right before Apple started banning apps. But I had to quit that job to make sure that Coinpunk didn't fall apart under the stress without my attention, because the consequences to the Bitcoin community would have been terrible. It was a shitty decision to have to make, but I had to do it, because I couldn't in good conscience stand idly by and watch Apple steamroll over the Bitcoin community and all the hard work we've done.

I got a real taste of how bad the situation was when I went to the Subway to test the pure HTML5 QR code scanner for the first time, and learned they were using a Bitcoin wallet app that is now banned on Apple devices. How can we expect merchants to continue adopting Bitcoin if they have to deal with problems like that?

These problems come back to bite everybody, because these problems make the price of Bitcoin fall. Because Bitcoin's value is ultimately derived from its usefulness, I can guarantee you this: when you contribute to improving the Bitcoin ecosystem, you're not just getting better Bitcoin software - you're also serving to protect your own investment.

And that's the way to think about it. Don't think of contributing to open source bitcoin as a donation - think of it as an investment. Bitcoin is very unique in this sense: There are startups within Bitcoin, but Bitcoin itself is the real startup here. If you own Bitcoin, you are an investor. When you provide funds to help improve your startup, you are helping your startup succeed.

I'm treating Bitcoin like a startup myself. And that's great, because it lets me collaborate with everybody - even if I don't always agree with their goals or some of their politics (I'm looking at you, Dark Wallet). Coinpunk's overall goal isn't fundamentally to make the best HTML5 wallet ever written (though that is our plan). Our overall goal is to enrich and improve the Bitcoin ecosystem long-term, for everybody. For the users, for the mom-and-pop stores, for the startups, for the large merchants, for the developers, for the investors, for the independents, for the moderates, for the anarchists, for the libertarians, for the occupy wall streeters, for the indifferent DIY punks that want to do their own thing, for everybody. When we came up with a QR code solution for getting around the Apple ban, we shared that solution with everyone. When Blockchain got their app banned, we were literally there in solidarity with them, sharing info, the code for our HTML5 QR solution, helping to get the word out about what Apple was doing.. and proving nipples get hard when it's cold and you're wearing a tight fitting t-shirt. (The people working on Blockchain are great, BTW).

We need better conference support for developers (and women)

I also wanted to comment quickly about the Bitcoin conference situation. In the open source community, conferences compensate for freelance developer's travel when they invite them to do talks. This model has unfortunately not made it over to the Bitcoin conference community yet. We have gotten a lot of offers to speak at conferences, but had to turn them down because they wouldn't compensate for travel. If the open source community can compensate for travel, Bitcoin conferences can too. Please help developers working on open source Bitcoin software get the word out and collaborate. It's very important that we ensure freelance developers don't need to choose between putting food on the table and collaborating on Bitcoin development. If we don't provide this support, they will leave, and that's bad for everybody.

This probably isn't the right venue for this discussion, but a related problem is that many of the conferences and meetups have been hostile towards women - and that's a major problem that we all need to address. I will make sure that Coinpunk does our part to improve this situation, and we will be talking with conferences organizers to adopt some of the same policies used in the open source community to ensure a comfortable, professional, productive, and welcoming environment for everyone.

Help Bitcoin Prosper

Coinpunk's funding gap is risking our ability to improve the Bitcoin ecosystem. We still need your help! Please consider contributing to our project, so we can do our part to help Bitcoin stay strong. And please, do the same for our brethren working hard on open source Bitcoin software, especially the great people working on core development.

Thank you so much for hearing us out, and for all your support. Despite the issues, I'm confident they can be solved by the community. It's been a great year for Bitcoin - let's keep this momentum going!

- @coinpunkapp

Feb 6th, 2014

Coinpunk's Response to Apple for Removal of Blockchain App

Apple has just pulled the last and biggest Bitcoin wallet from the App Store: Blockchain.

Blockchain being pulled from the app store proves what we've been saying all along: Apple isn't banning Bitcoin apps because of "legal grounds" (nobody is talking about making Bitcoin illegal), they're banning Bitcoin apps to anti-competitively prop up their own payments service. Because Blockchain's wallet and Coinpunk are HTML5 apps, we are the last Bitcoin wallets that can be used on the iPhone because you can use our wallets via Safari, which Apple can't block.

Bitcoin users, we need your help. We need you to take a stand against Apple, make noise, complain, and show Apple that there will be consequences to their actions. Now, only Coinpunk and Blockchain's HTML5 apps work on the iPhone.

Coinpunk needs your help to continue working on Coinpunk to ensure Apple can't stop Bitcoin. Contribute to our crowdfund campaign, help us fight Apple, help us provide universal Bitcoin adoption for everyone in the world.

Sign the petition to Apple to stop blocking Bitcoin wallet apps

Jan 29th, 2014

Contribute to Coinpunk, get a Skyhook ATM

In case you haven't heard, Coinpunk is running a crowdfunding campaign to help build the next greatest version of Coinpunk. If you haven't donated yet, please consider doing so! It's very important we build up a fund so that we can continue to improve Coinpunk, and maintain the servers required to run our hosted wallet service.

Coinpunk is excited to announce a partnership with Skyhook ATM, a Portland based project to develop the first completely open source Bitcoin ATM. Skyhook has kindly allowed us to offer 8 early limited edition Skyhooks as perks for our campaign if you contribute $3000 (or BTC equivalent)! Your ATM will (optionally) have the logo of your organization on it. The early limited edition units are expected to start shipping mid March.

This is a great opportunity to be the first to get access to these amazing new ATMs. Like Coinpunk, they are completely open source, which means you can audit them, and they are easy to modify if you want to tinker with them and add improvements.

Here's your chance to both contribute to open source, and get something awesome in return. Head over to our crowdfund site and contribute today! On behalf of everyone working on Coinpunk, thank you.

Jan 6th, 2014

Coinpunk 0.3.4 released - minor security fixes

Edit: Please use 0.3.6, there were some related non-security bugs that have been fixed.

Coinpunk has just issued the 0.3.4 release, which fixes some potential XSS issues within the code that could have been used by attackers to stage a phishing attack. This is not a major vulnerability - nobody has been affected by this issue, and it is now resolved.

Coinpunk takes security very seriously, so even though these are low-risk exploits, we still want to issue an announcement and strongly encourage all users to upgrade to 0.3.4 as soon as possible.

The Coinpunk project wants to express its gratitude to 47696d6569 for reporting the vulnerabilities, who we have compensated per the Coinpunk H4XX0RZ Bounty.

If you find a security issue with Coinpunk, you are strongly encouraged to report these findings to the project so we can resolve them as soon as possible!

Jan 5th, 2014

Coinpunk now has support for Two Factor Authentication!

We just wrapped up the support for 2FA (Two Factor Authentication)! This feature allows you to use Google Authenticator to create an extra token you need to sign in, in addition to your password. Google Authenticator is used by most sites for doing 2FA, and is available for free on iOS and Android phones in the app stores.

2FA is the single best thing you can do to improve the security of your online accounts. I use it for everything, even my Facebook account. If you're not in the habit of using 2FA, I strongly recommend getting into the habit. It's the single best step you can take to protect your online accounts.

How to use Coinpunk's 2FA

Log in to your Coinpunk account (or create one), and click on Settings. Scroll down and you will see this dialog:

Now when you click on generate QR code, you can use the Google Authenticator app to scan the QR, which will save the key:

Now just type in the code on your phone, and it will save the key, and you're done! You will now need the code from your phone to login to Coinpunk:

Backing up the key

If you lose your phone, you won't be able to access your account anymore, which is obviously not a good thing. One thing you can do is save and print out the QR code before adding it to your phone. This will allow you to recover your key in the event your phone dies or you lose it. Be sure to keep this printout in a safe place, as it can be used by an attacker with physical access to your stuff to reproduce the key (but they would still need your password, of course).

For even higher security, use a Cold Wallet

Coinpunk is a Hot Wallet. It's great for quickly sending Bitcoins from your desktop and mobile phone, but it's not a great place to store a lot of your funds. Coinpunk is designed with high security in mind, but no online wallets are perfectly secure. If you have over $10k in Bitcoins, I strongly recommend making a cold wallet to store your funds for safekeeping. For more information on how to make a cold wallet, see the Bitcoin Wiki article on the topic.

Help us Build Coinpunk

Coinpunk is currently a donation-driven project. We have a lot more great features like this in store, we're just getting started. Please help us continue our work on Coinpunk. Our donation address is 1NkQFWYjADVLNC2to5cSQCCzCf312j1zEJ. And yes, it's powered by Coinpunk!

Coinpunk - the first fully open source HTML5 web wallet, now with even stronger security. What are you waiting for? Try it now!