After losing “less than 19,000 BTC”, Bitstamp reopens with a BitGo partnership for multisignature HD wallets and infrasture upgrades.
Bitstamp, one of the industry’s leading bitcoin exchanges, announced that on January 4th some of their operational wallets were compromised, resulting in a loss ‘less than 19,000 BTC’. With $100M+ in cold storage reserves, the $5M+ loss is only a fraction of their holdings.
When the public was notified about the security breach, Bitstamp insisted users cease depositing into previously generated bitcoin deposit addresses. They also went ahead and suspended all services, while the team vigorously worked to rebuild their systems.
Dan Morehead, CEO of Pantera Capital and Bitstamps lead investor, initally distanced himself from the situation, removing the Bitstamp title from his profile for a brief period of time. Although, Morehead now seems to be supporting the re-launch of Bitstamp on Twitter, and has restored his Bitstamps title on Pantera’s website.
So, what exactly is there to do after a $5M+ security breach? Nejc Kordic, CEO of Bitstamp tells the community he skipped his connecting flight the evening of the 5th to stay in New York City and assess the situation. After being down for four days, Bitstamp re-opened yesterday with a rebuilt exchange platform.
HOW BITSTAMP HANDLED THE SITUATION
Unlike previous exchange failures, such as the Mt.Gox events, Bitstamp handled the situation quite well, resuming trading within 4 days and honoring all lost deposits and customers funds. With their implementation of BitGo’s security solution, Bitstamp has attempted to address its flaws.
Will O’Brien, CEO and co-founder of BitGo, commented on the way Bitstamp handled their unfortunate situation:
“I want to applaud Bitstamp CEO Nejc Kodrič and the entire Bitstamp team for the way they handled this crisis. When they first identified the hack on their hot wallet, they immediately notified customers and halted operations. They also made a commitment to honor deposits that were lost in the attack. And finally, rather than relaunching the same software, the company made the decision to partner with BitGo to integrate best-in-class security into its exchange."
O’Brien continued, "This highly professional approach is in stark contrast with the way that MtGox handled its breach in February 2014. Bitstamp (and its investor Pantera Capital) demonstrated leadership by being transparent and then coming back stronger than ever.”
With the re-launch this morning, Bitstamp has implemented BitGo, a multi-signature wallet solution. Bitstamp is the first exchange to implement this service for customer wallets. BitGo is an experienced and trusted security platform provider in the industry.
O’Brien also commented on the technical upgrades for the Bitstamps platform:
“Bitstamp’s hot wallet is now 2-of-3 P2SH multi-sig running on the BitGo Platform. Customer funds are deposited into HD wallet addresses. Withdrawals and co-signed by BitGo and can be halted if there is ever a breach. The backup key provides for disaster recovery. In addition, Bitstamp deployed new hardware and a clean environment for their software stack.”
Bitstamp re-built their platform from a secured backup, to ensure security and proper infrasture for the newly added services. With the hack in mind and implementation of multi-signature wallets, re-building from a secured backup is considered the best solution for the situation. BitGo integration allows the platform to process real-time transactions as well, unlike other companies that provide vault services.
Bitstamp is also now hosted on Amazon Web Services, an industry leader in cloud storage and performance. Nejc claims that AWS cloud services are “architected to be one of the most secure and reliable cloud computing environments available.”
With multi-signature wallets protecting users funds, a re-build backend system, and AWS’s cloud hosting services, Bitstamp seems to have taken their security issues seriously in hopes of winning back users.
SETTING NEW STANDARDS
Bitstamp, coined ‘Gox 2.0’ in the past few days by some members in the community, seems to be heading in the right direction. Bitstamp has offered commission free trading until the end of the Miami North American Bitcoin Conference, January 17th at 11:59PM UTC.
Online bitcoin communities flooded with user submitted posts this morning that “Bitstamp is back online!”, with a much better response than most of us expected. Some questions are arising of if Bitstamp is running as a fractional reserve, and others call for a proof of solvency audit, which I’m sure Bitstamp is taking into consideration.
Nejc wrapped up his community update with:
“On a personal note, I’d like to thank the incredible teams at Bitstamp and our lead investor, Pantera Capital, who have worked around-the-clock from multiple time zones in the last few days. I’m incredibly proud of the herculean work of this extended team, and grateful to the phenomenal show of support from customers, friends, and partners in the bitcoin community.”
Trading on the Bitstamp exchange resumed at 21:00 UTC, January 9th with the upgraded platform.