News

The “Two-Man Rule” and Bitcoin Security

By Coin Fire

Last Updated: Jan 2, 2018

This morning, OKCoin shared information on how it secures cold wallets in an effort to move the industry forward.

The company released a statement saying,

Through this transparency, OKCoin aims to assure users of the security of their funds. We hope this helps the industry be more open and welcome feedback and new ideas.

The principles of the cold wallet security system borrow heavily from the “The Two-Person Concept,” otherwise known as the “two-man rule,” from the United States Air Force instructions (AFI 91-104). The two-man rule is a system designed to achieve a high level of security for especially critical operations.

During the height of the Cold War in the 1960s, the United States had several minute-men missile systems in which the “two-man rule” was used. In the event of an ordered launch, both crew members of the silo would have to turn their keys at the same moment on the commander’s count. The two ignitions were situated far enough apart that one person alone could not reach both keys and single-handedly provide the go-ahead to launch a missile.

OKCoin has implemented new security measures to protect customer cold-wallets after a security breach with the Bter cold wallet. On a reddit post this morning, OKCoin shared the following security principles and philosophies the company has applied to the cold wallet security system:

  1. Any equipment connected to the internet is inherently vulnerable.

  2. USB drives are unsafe as USB disks may be compromised with viruses. Such a USB virus may automatically record data in a computer network after it’s inserted and steal the contents within.

  3. No security practice can be reliant on one individual. Any access to cold wallet must require confirmation of two authorized parties.

  4. Everyone has the potential to suffer from an unexpected event. Others need to be authorized to access offsite backups in order to ensure safety.

  5. Individuals may be kidnapped, so important data must be saved in the highest security bank safe and require in-person access.

The company also outlined how it is generating private keys and backups, including principles from the “two-man rule”:

  1. Generate 10,000 private keys and corresponding address on the completely offline computer.

  2. Add AES private key encryption on the completely offline computer.

  3. Delete the original 10,000 private keys.

  4. AES password to be controlled by two OKCoin company personnel in separate locations – one in OKCoin’s Beijing office, one in a city on the West Coast of the United States.

  5. The two AES master password holders cannot use the same means of transportation at the same time.

  6. The address and encrypted private key on the offline computer are displayed in QR code format.

  7. The QR code of the address is scanned by another computer to publish the address of the cold wallet in order to receive deposits from our hot wallet. Each cold wallet address will be used only once. 8.The QR code of the encrypted key is printed and stored inside a highly secure bank vault. Even if the holder of the encrypted key was kidnapped, the document is secure as the holder must be present at the bank to retrieve it.

  8. The QR code of the encrypted key is stored and backed up – one in the bank safe in China, and another in a city on the East coast of the United States.

  9. Access to these two banks are granted to two separate people.

  10. These two people do not take transportation together.

  11. Those with access to the bank safes cannot be the same as the ones who control the AES password.

OKCoin is the first major exchange to publicly outline the measures being taken to secure customer funds at each step. The team’s statement also highlighted the handling of coins from cold-storage to hot-wallets:

  1. Send personnel to the bank safe near the office and retrieve the appropriate number of unused encrypted private keys. Scan the QR code of these keys into an offline computer.

  2. The QR code is scanned into another completely offline computer.

  3. The holder of the AES master password decrypts the encrypted private key on a completely offline computer.

  4. The private key is scanned using QR code to import into another entirely offline computer.

  5. Signing trading on another computer completely offline, and after the transaction signature synchronized to a computer with internet broadcast transaction through USB drive.

OKCoin CEO Star Xu reiterated to Coin Fire that the private keys for cold-storage are truly cold and that the two-man aspect is just one of the security precautions OKCoin has taken.

OKCoin’s transparency is another move forward towards increased information sharing in the cryptocurrency industry. The OKCoin team is looking for additional feedback on the security principles on reddit.

Titan missile launch key image courtesy of James Brooks.

Disclaimer Icon
Disclaimer
Crypto is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. You could lose all of your capital.
99Bitcoins may receive advertising commissions for visits to a suggested operator through our affiliate links, at no added cost to you. All our recommendations follow a thorough review process.

Free Bitcoin Crash Course

  • Enjoyed by over 100,000 students.
  • One email a day, 7 days in a row.
  • Short and educational, guaranteed!

Why you can trust 99Bitcoins

10+ Years

Established in 2013, 99Bitcoin’s team members have been crypto experts since Bitcoin’s Early days.

90hr+

Weekly Research

100k+

Monthly readers

50+

Expert contributors

2000+

Crypto Projects Reviewed

Google News Icon
Follow 99Bitcoins on your Google News Feed
Get the latest updates, trends, and insights delivered straight to your fingertips. Subscribe now!
Subscribe now
Coin Fire

Coin Fire is a cryptocurrency news site started on June 6th of 2014. The site focused on hard-hitting investigative stories. Coin Fire was acquired by 99Bitcoins on October 2015. Read More

One thought on "1 on "The “Two-Man Rule” and Bitcoin Security"

  1. We understand your concerns but the entirety of this post was not based on reddit but rather discussions with the OKCoin team. This is not the entirety of the system they have deployed.

    We have equal concerns as well but those are best expressed in the reddit thread where they are asking for feedback.

    We stand by this report as it is still factually accurate. Can you please provide a link to show that other exchanges have publicly outlined this process? We were unable to find anything after extensive searching. Many people stated that other exchanges have done this but we searched very extensively and have asked repeatedly for links showing that 100% conclusively and have yet to find them.

Comments are closed.

Back to top