Hacker News new | past | comments | ask | show | jobs | submit login
Kryptology: Coinbase’s Open Source Cryptography Library (coinbase.com)
166 points by im_dario 8 months ago | hide | past | favorite | 50 comments

The API [1] is not as extensive as I'd hoped.

1. https://github.com/coinbase/kryptology/blob/master/api/READM...

The blog post mentions this project has been audited but it doesn't seem like there are any links to the audit(s). Did I miss it?

Interesting. I hadn't heard of FROST or Threshold Signing. It would be helpful to have example use cases divorced from their use cases and focused specifically on how to use these techniques.

Yea but, have you seen libsodium? It's actually good.

I don't believe this library exists in the same space. If you consider this sort of function, I don't believe you'll see equivalents in libsodium.


Correct, that's not in libsodium.

I am a little surprised this isn't in Rust or C.

There's a massive implicit bug bounty here:

1. Find a bug in this library and write up a proof of concept

2. Shortsell $COIN

3. Publish 1

Which I don't think is even illegal? It's all open source and public information so you're not trading on material nonpulic information that I know

I believe around February ‘20, a large Microsoft security issue was revealed, their stock was up 2%.

A counter example would be Ubiquity that did drop, after the article by Krebs was released.

Generally, bugs, even catastrophic ones can be an excuse to sell a position but never cause a sell-off.

At least that has been my observation.

Cryptocurrency is a different type of asset than a stock when it comes to (technical) security problems and thus has a vastly different risk profile than a stock. If Microsoft has a security issue, it _may_ affect _some_ users, they are still generating revenue and likely have insurance to cover some of the worst possible situations. Courts provide ways to assist in the real life "undo" button. There is no (technical) security issue, I am aware of, Microsoft could encounter that would cause it to immediately fold without nearly fathomable levels of coordinated negligence or World War against Microsoft.

If cryptocurrencies have a security issue, the entire asset can be irreversibly destroyed with _nothing_ of value left over. Imagine a cryptocurrency called $41TC01N (ShitCoin) has a zero-day that allows any wallet to be trivially compromised, by the time people take action or even understand the nature of the issue-- the attacker could have emptied and exchanged nearly every wallet on the network. The ones left with funds would be worth nothing, because the value has been irreversibly transferred outta the asset. There was a cryptocurrency of some kind recently that is only in existence because the hacker graciously gave it back.

Like, I'm pretty sure, long-term decentralized currencies aren't going to end up as cool as people think they are... distributed ledgers might be, for archival purposes, but like... I ain't seen anything even mildly useful but crappy-DRM, err my bad, I mean NFTs be executed on the blockchain.

With an attack that bad, everyone agrees to apply the patch and roll the network back to the block before the attack. The real hit is to the exchanges, but they’re aware of the risk and typically have procedures and enough buffer to deal with this.

The real value is in the code, the minds of the users, and the ledger itself.

what if everyone can trivially sign a message showing he is the (suppoesedly) rightful owner of an asset in that previous block (or earlier)?

That is what would happen if there is a huge security hole (like private keys were generated by a broken RNG… This has actually partially happened in bitcoin [not in a grand scale, but for individual users with some wallets], some coins have been stolen and others given back by white hat hackers like /r/joehoe, … It could be given back, because the errors were either in RNG or similar, and the crypto used was not fundamentally broken. But the day this would happen, a battle tested crypto completely broken overnight… which is very seldomly the case, then no way to know who was the rightful owner… if anyone can sign an equal valid message).

But yes you are right, in other cases that are more likely to happen, things would not break for everybody all at once

Anecdotal but I feel like investors in equities are probably pretty different than investors Krypto.

You’re not wrong.

SolarWinds tanked after their news and still have not recovered

I mean, they had a forward P/E ration of like 22, which was overvalued. They’re a more respectable 13x, it seems.

But that’s the idea…SWI was overvalued, and when the hack came, they sold off.

Basically, what I’m trying to say is that any overvalued company will sell off on bad news but “good” companies will hardly budge.

P.S. I do believe that Coinbase would sell off on similar news, for a myriad of reasons. But I’ve been wrong enough times that I wouldn’t put money on it.

RBLX offline for days, still in good shape.

Of course it's legal! Shortselling exists to incentivize this sort of creative destruction.

yes i love that episode of netflix’s dirty money - if through private investigation you find evidence of wrong doing you’re totally entitled to the profits of short selling, great incentive, if only we could fund more journalism this way

I thought the implicit bug bounty was using any exploit to drain coins yourself

That would not be legal afaik. Whereas shorting + publishing probably is legal.

Code is law. If your private key was made using a compromised RNG, and I find and derive the key, I am just as ethically, morally, and legally entitled to invoke whatever function I please.

After all, you can't make it illegal for people to yell prime numbers. That is all stealing bitcoin amounts to, is expression/possession of a very specific set of numbers, and a system that incentivises hearing, verifying, and repeating those numbers.

> ethically, morally, and legally

Idk about your morals or ethics but the "internet crime isn't real crime!" bandwagon crashed decades ago.

> After all, you can't make it illegal for people to yell prime numbers.

Sure you can. Michelle Carter[0] just digitally transmitted some prime numbers.

[0] https://www.nbcnews.com/news/us-news/michelle-carter-found-g...

> Idk about your morals or ethics but the "internet crime isn't real crime!" bandwagon crashed decades ago.

I personally can't tell the difference between any given cryptocurrency and a gold brick scam in the first place. It's not to say you're wrong, but to me the fix is regulating cryptocurrencies, not complaining that someone outsmarted an algorithm that controls millions of dollars of tokens in an unregulated market.

Further, should the government step in and prosecute crimes in said unregulated market? Who's to say what a crime is or whether it's just a feature of the software? If crypto currency is nothing but a gold brick scam, why should they exactly?

> Sure you can. Michelle Carter[0] just digitally transmitted some prime numbers.

So Michelle Carter transmitted 1, 2, 3, 5, 7, 11, 13, 17 ....? I don't think that's what she was convicted of.

But at the same point it seems weird that solving math problems online would somehow be made illegal. Now using said math problems to achieve ill gotten gains from a bank, would clearly be.

Every message you can send on the internet is "just numbers" at the lowest layer. Aren‘t you essentially arguing that it‘s somehow inherently impossible to commit crimes using telecommunication networks?

yes. I think it is actually an extension of the first amendment, a more admitted liberal thought.

Clearly, we must augment these computational systems with a social mechanism by which experts on system rules can interpret their intent and make judgements when things go awry. To make it fair when there's a problem, we could even let each party have their own rule experts make their cases before an impartial third party rule expert!

Given that humans seem incapable of writing bug-free code, 'code is law' seems like a power grab by the intellectually-inclined to exploit more germaine users without end.

So perhaps it is better to think of code as 'intent'.

How about: Code is more explicit and reliable than existing law, so it makes sense to try and make future law out of code.

Making graft visible is a feature, not a bug.

Even in computer programming, it makes sense to use the language most suitable to solve the problem at hand. Most humans don't speak programming languages.

Yes, you probably could formulate an employment contract in Rust – just like you could write a graphics driver in Rockstar [1].

And yes, many legal systems in the world are slow, inefficient, and prone to be gamed by the wealthy and powerful. I'd really rather we don't add a second layer of indirection and gatekeeping on top of or beneath that.

[1] https://codewithrockstar.com/

Most humans don’t have an accurate understanding of legal language either, but it’s even worse, because they think they understand it. Even those that do understand can’t rely on a specific outcome.

The refrain I keep hearing is “I’d rather we didn’t”, but all the incentives are aligned such that it is clear that we almost certainly will, if we don’t already behind closed doors.

I’d rather we didn’t have lethal autonomous weapons systems too, but we do, and I’m willing to bet they’re not going away.

So, while we have the chance, should we develop the laws by which they operate in cleartext in public, or hidden inside of existing bureaucracies and autocracies?

Sounds more like a misunderstanding of why there are differences between code and law.

Also code more reliable, unless you have a bug and someone siphons off millions of dollars of your customers money, irretrievably?

That’s also a feature. I understand if you don’t see it that way.

Not the first time someone's tried to sell a bug to me as a feature! But it is the first time someone's done it as an evidence free assertion.

I don't really agree with this... for one, legalese is actually very specific for the domain with which it is written (and that specificity is part of why it is so hard to read); and for another, the code in front of you might be explicit and "reliable", but can you say the same about the functions and libraries that it calls?

> After all, you can't make it illegal for people to yell prime numbers.

... actually https://en.wikipedia.org/wiki/Illegal_number#Illegal_primes

People keep making the bug bounty joke, but I think there is a certain survival of the fittest type improvement inherent in it though. Or put differently banks could do with a bit of that type of "beef up your systems or burn" pressure.

>Which I don't think is even illegal?

Probably not illegal. A lot of the crypto stuff that gets nailed has an implicit attempt to deceive/pyramid scheme it. Straight up short sellers...hell that's legal even on stock exchange...assuming the info is solid enough that you don't get sued to oblivion.

> hell that's legal even on stock exchange

Just want to point out that there is a lot that happens in the SEC regulated stock exchange that appears to not even be attempted to be corrected. Naked shorting is still happening all the time, for example.

That hinges on the bug being serious and exploitable

Depends. If the market moves on the news and you are able to close your position before people have fully assessed the risk, then maybe it’s more about the marketing.

The market is all about marketing!

We read this on every single crypto hack thread.

> Which I don't think is even illegal? It's all open source and public information so you're not trading on material nonpulic information that I know

The material nonpublic information I'd expect is that the the write up is going to be published.

The underlying information is public knowledge even if nobody understands it.

It’s no different than any other kind of analysis of public information, the only risk is stock market manipulation. But the SEC has already decided that short sellers can do this kind of analysis and publish it.

> Which I don't think is even illegal? It's all open source and public information so you're not trading on material nonpulic information that I know

I personally would not want to pay the legal bill necessary to convince the SEC of this fact, if it is even true.

I don't think these are with their purview

Regulation is by invitation by the banks who begged the government to create the SEC to stop the run on banks I think of 1896, just before the start of last century anyway.

You make a relatively bold assumption there that valuation of anything crypto-related would have any connection to reality whatsoever.

Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact