The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy

Abstract

We present the first large-scale survey to investigate how users experience the Bitcoin ecosystem in terms of security, privacy and anonymity. We surveyed 990 Bitcoin users to determine Bitcoin management strategies and identified how users deploy security measures to protect their keys and bitcoins. We found that about 46% of our participants use web-hosted solutions to manage at least some of their bitcoins, and about half of them use exclusively such solutions. We also found that many users do not use all security capabilities of their selected Bitcoin management tool and have significant misconceptions on how to remain anonymous and protect their privacy in the Bitcoin network. Also, 22% of our participants have already lost money due to security breaches or self-induced errors. To get a deeper understanding, we conducted qualitative interviews to explain some of the observed phenomena.

Appendices

A CMT Categorization

In this section we discuss the term Coin Management Tool and provide a methodology to categorize CMTs according to the degree of control and verifiability a user can exercise with his respective client. The proposed scheme is tailored to Bitcoin-like cryptocurrencies, but explicitly designed in an utmost generic way so that it can be applied to other derived cryptocurrencies as long as they are not fundamentally different in their design. Our approach used the evaluation framework from [8] as a starting point. A categorization according to our scheme allows users to quickly distinguish clients according to their underlying security model and hence allows users to make an informed decision on the level of confidence and trust they can put into an individual client.

1.1 A.1 Definitions

When Bitcoin was in its infancy bitcoind was the only available Bitcoin client which performed all required tasks: mining management, P2P network communication and blockchain management, key management and virtual asset management. With the increased popularity of Bitcoin and cryptocurrencies in general, more and more software was developed which focused on a subset of individual tasks of the original implementation. Moreover, the design of Bitcoin allows users to use it even if they do not run mining software or a full P2P client (full node). As a result there exists software with varying feature sets where the handling of public-private key pairs is the most sensitive and hence the most common core feature. A Bitcoin wallet was originally defined as a collection of private keys¹⁵. Since this definition is very narrow, we introduced the broader definition of a Coin Management Tool (CMT) to account for the other areas without whom most cryptocurrencies would not work. Especially the network and blockchain layer of Bitcoin and other cryptocurrencies is not only important for the integrity of the system as a whole, but has a significant impact on the security and privacy of each and every end user.

1.2 A.2 Categorization

To categorize CMTs, we first identified critical CMT tasks which are directly related to security and privacy issues. This covers aspects regarding key management like generating keys/addresses and signing transactions, as well as P2P network communication and blockchain management like handling connections as well as verifying and storing the blockchain. These core tasks can be used to divide CMTs into five different categories. A client can be in more than one category depending on its configuration.

• cat. 0: A client which runs on a user-controlled device and is able to perform key management operations, but cannot perform any P2P network communication. Therefore, it is not a stand-alone solution. This includes some dedicated hardware clients/wallets and cold-storage clients which require a second online device for transaction processing.

• cat. I: A client which runs on a user-controlled device and performs all P2P network communication and blockchain verification related tasks, keeps a copy of the full blockchain, is able to perform all key management related operations and executes the mining algorithm. In other words, this is a client which can perform all required tasks to operate a cryptographic currency (e.g., the Bitcoin core implementation bitcoind when the option setgenerate true is set).

• cat. II: A client which runs on a user-controlled device and performs all P2P tasks related to network communication and blockchain verification, keeps a copy of the full blockchain and is able to perform all key management related operations. This type of client is sometimes referred to as thick-client or full-node.

• cat. III: A client which runs on a user-controlled device and performs certain P2P tasks related to network communication and blockchain verification but does not keep a copy of the full blockchain, although, it is able to perform all key- management-related operations. This type of client is sometimes referred to as thin-client or mobile-client/wallet and includes so-called SPV-clients/wallets (Simplified Payment Verification) e.g., Electrum.

• cat. IV: A client which does not run on a user-controlled device and where all tasks are performed by a trusted third party on behalf of the user. This type of client is sometimes referred to as hosted- or web-client/wallet. Thereby it is not relevant if the key management is handled in the browser (e.g., via JavaScript) since this would require the user to download (and verify) the script code from the website of the third party every time he/she wants to use it.

B Interview Questions

Questions with answer options as “( )” are multiple choice checkboxes whereas answer possibilities marked alphabetical e.g. “a)” are single selections.

1.1 B.1 BTC Demographics

 

Q1 :

Please input which year you started using Bitcoin:

a) 2009 b) 2010 c) 2011 d) 2012 e) 2013 f) 2014 g) 2015

Q2 :

Select which main features are responsible for you using Bitcoin (multiple selections possible):

( ) The opportunity of financial gain

( ) Curiosity

( ) Anonymous nature

( ) Decentralized nature

( ) A friend/colleague suggested to me to start using Bitcoin

( ) The possibility to internationally transfer money with relatively low fee

( ) The possibility to accept bitcoins for my services or for my products

( ) Other:

Q3 :

What is the estimated sum of bitcoins you are holding?

a) I hold approximately b) I do not want to specify

Q4 :

Please provide what services or products you pay for with bitcoins (multiple selections possible):

( ) Bars, restaurants

( ) Bitcoin gift cards

( ) Donations, tipping

( ) Drugs

( ) Gambling sites

( ) Hotels, travel

( ) Online marketplaces and auctions

( ) Online shopping (Newegg, ...)

( ) Altcoin (e.g. Litecoin, ...)

( ) Physical stores that accept bitcoins

( ) Underground marketplaces

( ) Virtual goods (webhosting, online newspapers, ...)

( ) Medium for currency exchange

( ) Other:

Q5 :

What do you think are the most likely risks associated with Bitcoin?

Q6 :

Please select the crypto currencies you are holding or using besides Bitcoin (multiple selections possible):

( ) I do not use other crypto currencies

( ) BanxShares

( ) BitShares

( ) BlackCoin

( ) Bytecoin

( ) Counterparty

( ) Dash

( ) Dogecoin

( ) Litecoin

( ) MaidSafeCoin

( ) MonaCoin

( ) Monero

( ) Namecoin

( ) Nxt

( ) Peercoin

( ) Primecoin

( ) Ripple

( ) Startcoin

( ) Stellar

( ) SuperNET

( ) Vertcoin

( ) YbCoin

( ) Other

Q7 :

Select the Bitcoin exchanges you have used in the past or you are using on regularly (multiple selections possible):

( ) None

( ) BanxIO

( ) Bitcoin Exchange Thailand

( ) Bittrex

( ) Bitcoin Indonesia

( ) bitcoin.de

( ) Bitfinex

( ) Bitstamp

( ) BitX South Africa

( ) BTC-e

( ) BTC38

( ) BTCChina

( ) CCEDK

( ) Cryptsy

( ) Gatecoin

( ) hibtc

( ) Kraken

( ) Mt. Gox

( ) OKCoin

( ) Poloniex

( ) QuadrigaCX

( ) The Rock Trading

( ) VirWox

( ) Other:

Q8 :

What do you think are the greatest benefits of Bitcoin?

Q9 :

How often do you perform Bitcoin transactions?

a) At least once a day b) At least once a week c) At least once a month d) At least once every six months e) At least once a year f) Less than once a year

 

1.2 B.2 BTC Wallets

 

Q10 :

Please tick which wallets you are \({<}{\text {b}}{>}\)currently\({<}\text {/b}{>}\) using (multiple selections possible):

( ) Airbitz

( ) Armory

( ) Bitcoin Core

( ) Bitcoin Wallet (Schildbach Wallet)

( ) BitGo

( ) Bither

( ) breadwallet

( ) Circle

( ) Coinapult

( ) Coinbase

( ) Coinkite

( ) Coinomi

( ) Electrum

( ) Green Address

( ) Hive

( ) Ledger Nano

( ) mSIGNA

( ) MultiBit

( ) Mycelium

( ) Ninki

( ) TREZOR

( ) Xapo

( ) Not in list

Q11 :

Why did you choose to use multiple wallets to manage your bitcoins?

 

1.3 B.3 Wallet Usage

For every selected wallet in Q10 we asked the following questions.  

Q12 :

Why did you choose \(\langle \)wallet-name\(\rangle \) to manage your Bitcoins?

Q13 :

How many bitcoins do you have approximately in this wallet?

a) I hold approximately \(\langle \)textfield\(\rangle \) bitcoins. b) I do not want to specify

Q14 :

Is this wallet password protected?

a) Yes b) No c) I do not care d) I do not know

Q15 :

Is this wallet encrypted?

a) Yes b) No c) I do not care d) I do not know

Q16 :

Is this wallet backed up?

a) Yes b) No c) I do not know

 

1.4 B.4 BTC Mining

 

Q17 :

Are you currently mining bitcoins?

a) Yes, since b) No, but I have mined from-to c) No, I have never mined bitcoins

Q18 :

How many bitcoins have you mined in total?

a) I mined approximately b) I do not want to specify

Q19 :

Do you or have you participated in mining pools?

a) Yes b) No

Q20 :

Please tick the names of the mining pools you have or are participating in (multiple mentions possible):

( ) 21 Inc.

( ) AntPool

( ) Bitcoin Affiliate Network

( ) BitFury

( ) BitMinter

( ) Bitsolo

( ) BTCChina Pool

( ) BTC Guild

( ) BTC Nuggets

( ) BW.COM

( ) EclipseMC

( ) Eligius

( ) F2Pool

( ) GHash.IO

( ) Kano CKPool

( ) KnCMiner

( ) MegaBigPower

( ) P2Pool

( ) Slush

( ) Telco 214

( ) Other:

 

1.5 B.5 BTC Server

 

Q21 :

Do you run a full Bitcoin server that is reachable for others from the Internet?

a) Yes b) No

Q22 :

Please provide some reasons on why you operate a full Bitcoin server (multiple selections possible):

( ) Fast transaction propagation

( ) Double-spending detection

( ) Network analysis

( ) Support the Bitcoin network

( ) Other

 

1.6 B.6 BTC Security Risks

 

Q23 :

How would you estimate the risk of monetary loss for Bitcoin compared to credit cards?

(7 Point Likert-Scale from “High” to “Low”)

Q24 :

How high do you think is the risk of becoming a victim of a successful double spending attack?

(7 Point Likert-Scale from “High” to “Low”)

Q25 :

How high or low would you estimate the risk for malware that steals your Bitcoins?

(7 Point Likert-Scale from “High” to “Low”)

Q26 :

How would you estimate the risk of monetary theft in case the device with your wallet gets lost or stolen?

(7 Point Likert-Scale from “High” to “Low”)

Q27 :

How would you estimate the risk of de-anonymization?

(7 Point Likert-Scale from “High” to “Low”)

Q28 :

How high do you think the risk of cryptographic flaws is?

(7 Point Likert-Scale from “High” to “Low”)

Q29 :

How high do you think is the risk of security vulnerabilities in hosted/web wallets or Exchange services?

(7 Point Likert-Scale from “High” to “Low”)

Q30 :

How high do you think is the risk of key loss due to a device failure?

(7 Point Likert-Scale from “High” to “Low”)

Q31 :

How high do you think is the risk that the Bitcoin network is temporarily not available?

(7 Point Likert-Scale from “High” to “Low”)

Q32 :

How high do you think is the risk of a centralization of mining?

(7 Point Likert-Scale from “High” to “Low”)

Q33 :

How high do you think is the risk of a strong fluctuation in the Bitcoin exchange rate (e.g. BTC to USD and vice versa)?

(7 Point Likert-Scale from “High” to “Low”)

 

1.7 B.7 BTC Anonymity

 

Q34 :

Do you think that Bitcoin usage is anonymous?

a) Yes, Bitcoin is fully anonymous b) No, Bitcoin is not anonymous c) Not per se, but it can be used in an anonymous manner

Q35 :

Do you think it is possible to follow your transactions?

a) Yes b) No

Q36 :

Have you ever used Bitcoin over \(\text {Tor}{<}\text {b}\) title = “Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. More info at www.torproject.org”?

a) Yes b) No

Q37 :

Do you take additional steps to ensure your privacy using Bitcoin?

a) Yes b) No

 

1.8 B.8 BTC Security Breaches

 

Q38 :

Have you ever lost your bitcoins or Bitcoin keys?

a) Yes b) No

Q39 :

Please select the reason for your key/Bitcoin loss (multiple selections possible):

( ) Hardware failure (e.g. hard drive broke, etc.)

( ) Software failure (e.g. keyfile corruption, etc.)

( ) Self induced event (e.g. hard drive formatted, physical device lost, etc.)

( ) Malicious event (e.g. malware, hacker, etc.)

( ) Other

Q40 :

Have you been able to recover your keys?

a) Yes, b) No,

Q41 :

How many bitcoins did you loose due to this incident?

a) bitcoins b) I do not want to specify

Q42 :

Please select the security incidents you have been affected by (multiple selections possible):

( ) None

( ) Mt. Gox incident

( ) Silk Road bust

( ) inputs.io hack

( ) Pony botnet malware

( ) Pyramid schemes/HYIPS (High yield investment programs)

( ) Mining hardware scams (Labcoin, Active Mining Corporation, Ice Drill, AsicMiningEquipment.com Dragon-Miner.com, ...)

( ) Mining pool scams

( ) Scam wallets

( ) Bitcoin exchange scam

( ) Other:

Q43 :

How did you deal with the incident?

Q44 :

What was the approximate value of your lost bitcoins in USD?

a) USD b) I do not want to specify c) I do not know

 

1.9 B.9 Demographics

 

Q45 :

Please provide your age:

Q45 :

Please provide your gender:

a) Female b) Male c) Do not want to specify

Q46 :

Please select your highest completed level of education:

a) Did Not Complete High School b) High School/GED c) Some College d) Bachelor’s Degree e) Master’s Degree f) Advanced Graduate work or Ph.D. g) Not Sure

Q47 :

Do you work or study in a computer science related field?

a) Yes b) No

Q48 :

How would you describe yourself in terms of privacy behaviour?

A continouos slider between “I am not concerned about my privacy” and “I would describe myself as a privacy fundamentalist”

 

1.10 B.10 End

 

Q49 :

You can enter your Bitcoin address in the textfield below. Please make sure that your address is correct in order to receive your incentive.

Q49 :

This is the place where you can provide suggestions, complaints or any other information we may have forgotten to ask in the questionnaire.

 

C Address Signature

D Reference link issue

We had a problem in our implementation of this last page of the survey which also showed the link to the survey containing a random reference which should identify this particular participant in our rewarding scheme. If the CAPTCHA was not solved successfully the side reloads itself and would also calculate and show a different reference link. The references link will only be stored and linked to this particular participant if the CAPTCHA is entered correctly. Therefore, all users which just copied the first link and then entered a wrong CAPTCHA distributed a link we where not able to attribute correctly at the end of the survey.