A long-held bitcoin secret is about to be revealed.
No, it's not the identity of Satoshi Nakamoto, it's a private key the cryptocurrency's creator entrusted to several bitcoin developers that activates the protocol's so-called "alert system," once used to flash a text warning to those running the software in case something happened that could impact the security of their funds.
If you didn't know bitcoin had a warning system like this, that's because it was retired in 2016 due to security concerns and frequent confusion about its use.
"The alert system was a frequent source of misunderstanding about the security model and 'effective governance,'" well-known Bitcoin Core contributor Greg Maxwell wrote in a public email from September 2016.
In short, some in the bitcoin community thought it could be used to change that network rules that unite users, which isn't really the case. For example, a BitcoinJ developer once wanted to use the key to control fees, while a Bloq staffer pressed for Bitcoin Core developers to use the key to change the network's mining difficulty.
Plus, developers were worried that if the wrong person got ahold of the key, they could broadcast false messages or potentially cause panic.
As such, to some, the reveal – being undertaken by Bitcoin Core contributor Bryan Bishop – is a long time coming.
"Folks, it's going to be an interesting show," Bishop tweeted, followed by a string of tweets cryptographically proving he's in possession of the secret key, without fully revealing it quite yet.
The reveal is the final step to destroying the system. After Bitcoin Core developers released new code in 2016 without the alert system, in January 2017, a "final alert message" was broadcast, which – by law of the code – made that message unable to be overridden by any other messages in the future.
Still, the private key needs to be displayed publicly so there's no possibility of reputation attacks against those developers that hold it.
Bishop told CoinDesk he plans to release it soon, though he's not sure about the exact date, adding:
"It's time. I'm thinking about releasing the private key early July at Building on Bitcoin, though it's not finalized yet."
Danger for altcoins
Still, it isn't as easy as it sounds.
Revealing the key is potentially dangerous for any cryptocurrencies that used an older version of bitcoin's code to create their cryptocurrency and have not disabled the alert key mechanism in their own code.
"If the copycats have not disabled the alert system, nor changed the alert key [public key], and if they have not sent what's known as a final alert message, then once the [bitcoin] keys are released, anyone will be able to send alerts on those [other] networks," Bishop told CoinDesk.
It's happened before actually. Litecoin creator Charlie Lee recounted on Twitter just last week how the lesser-known Feathercoin protocol (which copied litecoin's code) received litecoin's alert about upgrading to the latest litecoin client.
And while that isn't a particularly nefarious example, Bishop said, controlling what alert messages are sent on various networks "sounds dangerous."
As such, in Maxwell's 2016 email, he said he had spent and would continue spending some time searching through other cryptocurrency codebases. If they were found to contain the alert key code from bitcoin, he vowed to notify those projects to remove that code.
Maxwell concluded:
"At some point after that, I would then plan to disclose this private key in public, eliminating any further potential of reputation attacks and diminishing the risk of misunderstanding the key as some special trusted source of authority."
See more:
https://www.coindesk.com/long-secret-bitcoin-key-finally-revealed/