Securing Your Client’s Bitcoins (Part 1)

In this post, I’m going to talk about how businesses can secure any bitcoins or other cryptocurrency they might have. Lawyers need to understand how their clients’ businesses work, both for litigation and compliance purposes. Not to mention that law firms themselves should probably consider keeping at least some funds in Bitcoin for flexibility.

Private Keys

First, we need to discuss some basic concepts: Any bitcoins you have (and this is generally true for other cryptocurrencies) will be assigned a specific public/private key pair. The public key is also the address that people use to send you bitcoins. The private key lets you send those bitcoins to someone else. If a malicious actor has the private key, your bitcoins are gone, period. So the entire goal of Bitcoin security is to keep that key secure. (Really, it’s keys, plural, but we don’t have to get into that right now.)

Paper Wallet

Paper wallets put the public and private keys on a physical sheet of paper. By their very nature, they can’t be hacked. But except for sole proprietorships or very closely held companies, they are not suitable for business use. Why?

  • They can be destroyed in a fire or similar incident and the bitcoins would be lost forever.
  • It’s impossible to know whether a paper wallet had been copied at some point along the way.
  • There is no audit trail for a paper wallet.
  • Whenever the company wants to use funds in a paper wallet, the private key needs to be transferred into an online wallet.
  • It’s difficult to transfer responsibility for a paper wallet when someone is fired or moved to a new position. The easiest way to do it would be for the newly responsible employee to create a new paper wallet and transfer all the funds from the old paper wallet into it. But then any new funds transferred into the old wallet would be lost.

If you want to use a paper wallet:

  • bitaddress.org provides a wallet generator for Bitcoin
  • liteaddress.org provides a wallet generator for Litecoin
  • ethaddress.org provides a wallet generator for Ethereum

Later Posts

In later posts, I’ll talk about more enterprise-friendly methods, like hardware wallets, multi-sig, and other ideas that businesses could implement.

Author: Michael O'Connor

Michael O'Connor is an attorney in Quinn Emanuel's Washington, DC office. Prior to joining the firm, Michael clerked for the Hon. D. Brooks Smith of the U.S. Court of Appeals for the Third Circuit and worked for several years at another major international law firm. He has dual degrees in Computer Science and Biology from Penn State University. Michael's practice includes intellectual property litigation, antitrust litigation, and data security and privacy. Michael advises clients on legal planning for data breaches, their obligations for safe handling of personally identifiable information, and the legal implications from emerging technologies like Bitcoin, Ethereum, and the blockchain. He has applied his technical training to patent cases involving semiconductor design, systems programming, and mobile device architecture. He has worked on multiple cases at the intersection of patent and antitrust law. Michael represents clients in cases before federal courts throughout the country, as well as before the International Trade Commission.

One thought on “Securing Your Client’s Bitcoins (Part 1)”

Comments are closed.