Securing Your Client’s Bitcoins (Part 2)

In Part 1 of this series, we looked at paper wallets. Today I’ll discuss hardware wallets.

Hardware Wallets

Hardware wallets are a very significant upgrade from paper wallets. As I mentioned yesterday, paper wallets are actual sheets of paper with printed public and private keys. Each key pair corresponds to a particular Bitcoin “account,” and the private key allows access to all the bitcoins within that account. There are several significant problems with paper wallets:

  1. Anyone with access to the paper wallet has access to the bitcoins. (You can BIP-encrypt the wallet, but that’s a whole other post.)
  2. You never really know whether a copy has been made from a paper wallet at some point.
  3. To do anything with the bitcoins, you need to load them into an online wallet.

Hardware wallets fix these problems. These wallets are actual, physical devices with the sole purpose to store keys and sign cryptocurrency transactions. Several different manufacturers offer reputable devices, including:





Ledger Nano S


Hardware wallets address the issues with paper wallets in the following ways:

  1. Anyone with access to the paper wallet has access to the bitcoins. (You can BIP-encrypt the wallet, but that’s a whole other post.)  — Hardware wallets use a PIN, so only an authorized user can instruct the wallet to sign a transaction.
  2. You never really know whether a copy has been made from a paper wallet at some point. — Hardware wallets don’t show your private key. They take a transaction, sign it with the private key within their own internal hardware, then export the signed transaction. There’s nothing to copy.
  3. To do anything with the bitcoins, you need to load them into an online wallet.   Because hardware wallets have a connection to your computer (albeit carefully limited to prevent hacking), they can sign transactions without loading your private key to an online wallet.

Securing Your Client’s Bitcoins (Part 1)

In this post, I’m going to talk about how businesses can secure any bitcoins or other cryptocurrency they might have. Lawyers need to understand how their clients’ businesses work, both for litigation and compliance purposes. Not to mention that law firms themselves should probably consider keeping at least some funds in Bitcoin for flexibility.

Private Keys

First, we need to discuss some basic concepts: Any bitcoins you have (and this is generally true for other cryptocurrencies) will be assigned a specific public/private key pair. The public key is also the address that people use to send you bitcoins. The private key lets you send those bitcoins to someone else. If a malicious actor has the private key, your bitcoins are gone, period. So the entire goal of Bitcoin security is to keep that key secure. (Really, it’s keys, plural, but we don’t have to get into that right now.)

Paper Wallet

Paper wallets put the public and private keys on a physical sheet of paper. By their very nature, they can’t be hacked. But except for sole proprietorships or very closely held companies, they are not suitable for business use. Why?

  • They can be destroyed in a fire or similar incident and the bitcoins would be lost forever.
  • It’s impossible to know whether a paper wallet had been copied at some point along the way.
  • There is no audit trail for a paper wallet.
  • Whenever the company wants to use funds in a paper wallet, the private key needs to be transferred into an online wallet.
  • It’s difficult to transfer responsibility for a paper wallet when someone is fired or moved to a new position. The easiest way to do it would be for the newly responsible employee to create a new paper wallet and transfer all the funds from the old paper wallet into it. But then any new funds transferred into the old wallet would be lost.

If you want to use a paper wallet:

  • provides a wallet generator for Bitcoin
  • provides a wallet generator for Litecoin
  • provides a wallet generator for Ethereum

Later Posts

In later posts, I’ll talk about more enterprise-friendly methods, like hardware wallets, multi-sig, and other ideas that businesses could implement.

Defining More Terms

Writing the post yesterday, I realized that there are actually a lot of terms that people familiar with Bitcoin and blockchain technology take for granted. I thought it would be useful to cover some more terms today. For this post, I am drawing heavily from Coindesk’s excellent Glossary, but I am also adding further explanation where necessary.

51% attack

Coindesk says:

A condition in which more than half the computing power on a cryptocurrency network is controlled by a single miner or group of miners. That amount of power theoretically makes them the authority on the network. This means that every client on the network believes the attacker’s hashed transaction block. This gives them control over the network, including the power to:

  • Issue a transaction that conflicts with someone else’s.
  • Stop someone else’s transaction from being confirmed.
  • Spend the same coins multiple times.
  • Prevent other miners from mining valid blocks.

Bitcoin itself is viewed as a currency, but it is important to understand that the technology Bitcoin and other cryptocurrency runs on – the blockchain or distributed ledger – has broader applications. One of the underlying technology’s fundamental goals, though, is to eliminate any question about transaction validity. It accomplishes this by having multiple computers across the network validate a transaction. This is nearly foolproof, but if an attacker amasses a critical number of computers, they can force the network to believe a transaction occurred when it didn’t (or vice versa).

Note that the 51% attack does not work against all protocols. Different cryptocurrencies have developed or are developing technologies that resist the attack.


Coindesk says:

A bitcoin address is used to receive and send transactions on the bitcoin network. It contains a string of alphanumeric characters, but can also be represented as a scannable QR code. A bitcoin address is also the public key in the pair of keys used by bitcoin holders to digitally sign transactions (see Public key).

This explanation gives a peek into a much deeper topic. While I am tempted to discuss public and private keys here, I’ll discuss those later. For now, I’ll just offer a warning: Addresses are not account numbers. They are more like a serial number for a check. You can write any amount you want on the check. It can be one bitcoin or a thousand. But the check can’t be reused. Every time a transaction occurs in bitcoin, a new address is created.


Coindesk says:

The collective name for cryptocurrencies offered as alternatives to bitcoin. Litecoin, Feathercoin and PPcoin are all altcoins.

I’m just sad they leave out my favorite, Dogecoin:



Coindesk says:

Anti-Money Laundering techniques are used to stop people converting illegally obtained funds, to appear as though they have been earned legally. AML mechanisms can be legal or technical in nature. Regulators frequently apply AML techniques to bitcoin exchanges.

We’ve discussed money laundering before: here and here.

ASIC and ASIC miner

Coindesk says:

An Application Specific Integrated Circuit is a silicon chip specifically designed to do a single task. In the case of bitcoin, they are designed to process SHA-256 hashing problems to mine new bitcoins.

[An ASIC miner is a] piece of equipment containing an ASIC chip, configured to mine for bitcoins. They can come in the form of boards that plug into a backplane, devices with a USB connector, or standalone devices including all of the necessary software, that connect to a network via a wireless link or ethernet cable.

ASIC miners now provide the backbone for the Bitcoin network, because they are vastly more efficient than previous mining techniques like CPU or GPU mining.

Explaining Bitcoin to Federal Judges

Gordon v. Dailey, No. 14-7495 (D.N.J. June 20, 2016) is an excellent example showing why lawyers – especially those dealing with complicated emerging technologies like cryptocurrency – need to explain themselves to federal judges. Though the facts are a bit muddled, it appears that Plaintiffs entered a mining contract with Defendants. They got shorted in some way, and attempted to sue under the securities laws. The Court dismissed their case because they had not demonstrated neither that the mining contract at issue was subject to the securities laws nor that the amount in controversy exceeded $75,000 to trigger diversity jurisdiction.

But the holding itself isn’t very important, because it’s clear that the Court wasn’t making a determination about how the law applies to cryptocurrency. The Court was making a determination about how these particular Plaintiffs had done a poor job of explaining their claim. When the opinion leads off with the following, you know the parties have not done a great job educating the judge:

This suit involves Bitcoin transactions. The Amended Complaint, however, does not explain what Bitcoins are, beyond the allegations that Bitcoins are some form of virtual currency. Extrinsic sources were consulted to understand what Bitcoins are, and how they function.

And the footnotes go even further, calling out every specific term that Plaintiffs failed to define. I’ll give them a hand.

The Amended Complaint does not define or explain “hashrate.”

Hashrate – Bitcoin mining is governed by speed, specifically the speed that your processor can execute the particular calculations that the Bitcoin network requires. The faster your speed, the more likely that you will receive a mining reward in the form of additional bitcoins generated by the network. Hashrate is often measured in GH/s, meaning Gigahashes per second.

The Amended Complaint abbreviates Bitcoin as BTC. It is not clear what “BTC/GH/s” means.

BTC/GH/s – Bitcoins per Gigahash per second. Gigahashes per second is a measure of the hashrate of a particular mining computer or contract. Just as a computer buyer would compare processing speeds when purchasing a computer, people buying mining capacity compare hashrates. People often pay for mining capacity in bitcoins, so BTC/Gh/s is a measure of the price (in bitcoins) for a unit of mining capacity. This provides a stable, objective way of comparing mining contracts from different companies and finding the best price.

One goal of this blog will be to define these common terms in ways that lawyers, judges, and clients can understand them. I’ll try to add such definitions as these terms arise in cases, and will eventually compile them into a glossary.

Is Bitcoin Use Evidence of “Dangerousness to the Community”?

United States v. Donagal, No. 14-cr-00285 (N.D. Cal. Nov. 18, 2014) [Link]

Summary: Bitcoin use is one element demonstrating the size and sophistication of a drug operation, and may be considered in finding a defendant “dangerous to the community” such that he can be bound over for trial without bail.


The Government alleges that Defendant is the leader of a large, industrial illegal drug manufacturing operation. Defendant’s organization allegedly produced over a million illegal alprazolam (Xanax) tablets per week, as well as producing and distributing significant quantities of GHB, steroids, and other drugs. The government further proffers that Defendant arranged for large quantities of Xanax powder and pill-making equipment to be shipped from China, usually to his co-defendants or other nominee addresses. To pay for this material, he wired significant sums of cash to his connections in China, often through Western Union. The government further asserts that Defendant sold his pills online, including using the underground websites Silk Road, Silk Road 2.0, and a personal website, and he shipped drugs to 48 states. Defendant was paid by his customers in cash and in the digital currency of Bitcoins. The government proffered that agents seized over $200,000 in cash and $25,000 in Bitcoins from Defendant’s operation, but it claims that this figure represents a small fraction of the proceeds earned by Defendant. At the time of his arrest, Defendant was in possession of the machinery and raw ingredients necessary to produce very considerable quantities of additional illegal drugs, as detailed below.

Issues, Holdings, and Discussion:

  1. Can use of Bitcoin in a drug operation be considered as evidence of dangerousness, relevant to a bail decision? Yes:

Accepting the Government’s proffers, there is substantial evidence in this case that Defendant poses a danger to the community. Defendant is the head of an organization that manufactures and distributes large quantities of Xanax, and also deals GHB and oxycodone. At the time of his arrest, the Government seized 1.3 million Xanax tablets, over 300 pounds of anabolic steroids, four pounds of suspected oxycodone pills, and over four gallons of GHB, as well as the ingredients to make several million more Xanax pills. Defendant possesses the specialized machines and binding agent necessary for pill manufacture. The Government’s evidence also includes the participation of dozens of individuals, international importation, and the use of bitcoin currency. The scope and sophistication of the alleged enterprise support a finding that Defendant is a danger to the community.


  • It could certainly be argued that the Court’s comment regarding Bitcoin is dicta. While the Court uses it as one factor in its dangerousness analysis, it is very unlikely that the ultimate finding of dangerousness turned on Bitcoin use.
  • While some may find this disturbing, it is actually a very narrow holding. It seems almost certainly to be cabined to the rare situation where a criminal defendant is already running a large, sophisticated, unambiguously criminal enterprise (like a drug operation.)

Does Bitcoin Absolve Bank Robbers?

No, but State v. Eady, 875 N.W. 2d 139 (Wis. Ct. App. 2015), is a fun case nonetheless.

James Eady robbed a bank:

[O]n November 21, 2011, Eady entered the U.S. Bank branch on West Capitol Drive in Milwaukee and gave the teller a note reading in part, “[G]ive me the money. I’m not playin, I will blow your head off right now … $10,000.00.” In response, the teller, M.G., unlocked her money drawer and placed banded bundles of money under the security window. Eady took the money and left. The teller eventually identified Eady in an in-person line-up.

. . . .

. . . Numerous other witnesses also testified, including the bank manager, R.Z. She confirmed via a security staff audit of M.G.’s teller drawer that $1500 was missing. In addition, a Milwaukee Police Officer found the same jacket, hat, and sweatshirt that Eady had been wearing—as seen in the surveillance video and photos from the incident—in a yard near the bank. Found in a jacket pocket was a U.S. Bank deposit slip, which a State Crime Lab analyst said contained DNA matching samples of Eady’s DNA.

This was not a difficult case, but Eady thought he had a get-out-of-jail-free card. For it to be bank robbery and not just regular robbery, the State had to show that the bank was chartered. Indeed, the bank was chartered, but the State screwed up a little and didn’t introduce direct evidence. It didn’t matter to the jury, who found Eady guilty, but the Wisconsin Court of Appeals needed to patiently walk through why circumstantial evidence like the bank dispensing money – as opposed to direct evidence like the charter itself – could be enough for a verdict.

Enter Bitcoin. Eady argued that circumstantial evidence just isn’t good enough anymore. Anyone can dispense money:

Eady’s reply brief argues the possibility that absence of direct evidence of a charter could lead to conviction for robbing “a fake bank.” He also cites recent developments in the banking industry that provide financial services, citing PayPal, Google Wallet, Bitcoin, and Walmart’s NewGoBank. He suggests that although these institutions are not chartered banks, if subject to theft or fraud, a jury could “easily conclude that the defendant committed an offense against a financial institution.”

So anyone who defrauds another through Paypal or Google Wallet or Bitcoin is a BANK ROBBER. Since this is a ridiculous result, the whole statute needs to be revised. Right after they release Eady.

Except the Court wasn’t buying it:

We need not address hypothetical fact situations and limit our holding to the evidence presented to this jury. This evidence raises neither any inference of a fake bank nor of an unchartered bank. . . . We conclude the circumstantial evidence of a chartered bank here— including evidence regarding the day-to-day operation of the bank, the U.S. Bank deposit slip found in the clothing discarded near the bank, and the numerous signs indicating that the bank was a “U.S. Bank” insured by the FDIC—was sufficient in probative value and force such that it cannot be said as a matter of law that no trier of fact, acting reasonably, could have found guilt beyond a reasonable doubt. See Booker, 292 Wis. 2d 43, ¶22. Therefore, for all the foregoing reasons, we affirm the judgment.

And that is why Bitcoin cannot protect you from bank robbery arrests.

Can Buying and Selling Bitcoin Be Money Laundering?

In an earlier post, we looked at whether running a bitcoin exchange can be money laundering. In this post, we take a look at a more recent case with similar facts, but a very different conclusion.

While the entire scope of Richard Petix’s actions aren’t clear from the opinion, he was certainly buying and selling bitcoins. This was a violation of his parole, as he wasn’t supposed to be using a computer without permission, but the federal government wanted to tack on a money laundering charge. Magistrate Judge Scott thought this was an overreach. In the process, he almost certainly opened up a split with the Southern District’s decision in Faiella:

United States v. Petix, No. 15-CR-227A (W.D.N.Y. Dec. 1, 2016) [Link]

Summary: For the purposes of the money laundering statute, Bitcoin is neither “money” nor “funds.” Buying and selling Bitcoin is not money laundering.


  • “Between August 2014 and December 2015, Petix engaged in numerous transactions involving the buying and selling of bitcoins. . . . When the agents and probation officers confronted Petix, . . . [t]he open screen of the computer displayed information indicating that Petix had just completed a transaction involving 37 bitcoins with a value, at the time, of approximately $13,000.”

Issues, Holdings, and Discussion:

  1. Does Bitcoin qualify as “money” or “funds” under Section 1960? No:

Taking the two undefined terms in Section 1960 in reverse order, the Supreme Court already has applied the above principles of interpretation to the term “funds.” “The ordinary meaning of `fund[s]’ is `sum[s] of money . . . set aside for a specific purpose.'” Clark v. Rameker, ___ U.S. ___, 134 S. Ct. 2242, 2246 (2014) (ellipsis and brackets in original) (citation omitted). . . .

The ordinary understanding of “funds,” with its reference to “money,” necessarily brings the Court to an assessment of that other term. Legal authorities abound with uses of the term “money.” The Constitution gave Congress the enumerated power “[t]o coin Money, [and to] regulate the Value thereof.” U.S. Const. art. I, § 8, cl. 5. The United States Code, under a subchapter titled “Monetary System,” has a definition of legal tender that covers coins, currency, and notes. 31 U.S.C. § 5103. Another provision of Title 31 refers to “money” and “public money” as something that can be deposited in the United States Treasury. 31 U.S.C. § 3302. A portion of the tax code refers to estate transfers that occur “for a consideration in money or money’s worth.” 26 U.S.C. § 2043. Portions of the judicial code refer to “receiving and paying over money” compared to “disposing of such property,” 28 U.S.C. § 1921(c)(1); and to plural “moneys paid into any court of the United States,” 28 U.S.C. § 2041. Countless other examples exist, written before and after Section 1960, and of course the exact use of the term “money” will vary somewhat across very different statutes and cases.

What all of the above examples have in common, though, is the involvement of a sovereign. Across all of the legal authorities that make some reference to money, and despite new technologies that have emerged over the years within the United States monetary system, there has been a consistent understanding that money is not just any financial instrument or medium of exchange that people can devise on their own. “Money,” in its common use, is some kind of financial instrument or medium of exchange that is assessed value, made uniform, regulated, and protected by sovereign power. See, e.g., David G. Oedel, Why Regulate Cybermoney?, 46 Am. U. L. Rev. 1075, 1077 (1997) (“[I]n the background of most functional definitions are suggestions that money serves as a tool for governments to exercise macroeconomic control and to channel financial commerce along preferred routes.”) (citations omitted).

. . . .

The above context demonstrates that Bitcoin is not “money” as people ordinarily understand that term. Bitcoin operates as a medium of exchange like cash but does not issue from or enjoy the protection of any sovereign; in fact, the whole point of Bitcoin is to escape any entanglement with sovereign governments. Bitcoins themselves are simply computer files generated through a ledger system that operates on block chain technology. See, e.g., Shahla Hazratjee, Bitcoin: The Trade of Digital Signatures, 41 T. Marshall L. Rev. 55, 59 (2015) (“The Bitcoin system operates as a self-regulated online ledger of transactions. These transactions are currently denoted by the change of ownership in Coins. This ledger, also referred to as the `block chain,’ has certain built-in mechanisms that eradicate the risk of double spending or tampering with the master record of all transactions.”). Like marbles, Beanie Babies™, or Pokémon™ trading cards, bitcoins have value exclusively to the extent that people at any given time choose privately to assign them value. No governmental mechanisms assist with valuation or price stabilization, which likely explains why Bitcoin value fluctuates much more than that of the typical government-backed fiat currency. See, e.g., Jennifer R. Bagosy, Controversial Currency: Accepting Bitcoin As Payment for Legal Fees, Orange County Lawyer, June 2014, at 42 (“Bitcoin has other key features that make it very different from other methods of payment. First, the value of Bitcoin is highly volatile. In January 2013, one Bitcoin was worth about $13. By December 4, 2013, the price had skyrocketed to $1,061 per Bitcoin. By April 15, 2014, the value had dropped to $500 per Bitcoin.”) (citation omitted). As for experiences in daily life, ordinary people do not receive salaries in bitcoins, cannot deposit them at their local banks, and cannot use them to pay bills. The Court cannot rule out the possibility that widespread, ordinary use of bitcoins as money could occur someday, but that simply is not the case now[.]


  • Petix creates a rift with the S.D.N.Y.’s decision in United States v. Faiella 39 F. Supp. 3d. 544 (2014). To his credit, Magistrate Judge Scott directly confronts this split:

In United States v. Faiella, 39 F. Supp. 3d 544 (S.D.N.Y. 2014)a.k.a. the “Silk Road case”—the court turned directly to a dictionary to define both “money” and “funds” and then equated an ordinary understanding of those terms with the dictionary definitions. Accord United States v. Budovsky, No. 13CR368 DLC, 2015 WL 5602853 (S.D.N.Y. Sept. 23, 2015); United States v. Murgio, No. 15-CR-769 (AJN), 2016 WL 5107128 (S.D.N.Y. Sept. 19, 2016). Perhaps there were circumstances in that line of Southern District cases that justified a first and exclusive resort to a dictionary. “Dictionary definitions of `money,’ however, are not helpful in determining congressional intent in employing that term in [a criminal statute].” United States v. Jackson, 759 F.2d 342, 344 (4th Cir. 1985). As the Court noted above, there are several problems with a straight dictionary approach. First, a dictionary approach overlooks the numerous times in the United States Constitution and Code when the term “money” consistently has referred to some kind of instrument issued and regulated by a sovereign. Second, the approach does not address the Supreme Court’s determination of the ordinary meaning of the term “funds.” Third, as the Supreme Court noted in Yates, terms in ordinary life do not always line up with dictionary definitions, and ordinary people simply would not think of any private medium of exchange as money. Finally, resorting exclusively to a dictionary does not address the desire, implicit in Section 1960, to keep the United States monetary system away from criminal activity and transactions that support it. The weight of those authorities, experiences, and statutory objectives must be allowed to control here over broad technical definitions that lack context.

  • While Petix does not address it, Faiella‘s broad definition of money may open the door to money laundering charge for all buyers and sellers of bitcoins and, indeed, buyers and sellers of commodities in general. It seems unlikely that Congress intended the money laundering statute to sweep so broadly as to encompass a significant chunk of the economy as a whole. In a future post, I’ll look at money laundering cases beyond the Bitcoin context to try and place both Faiella and Petix in a broader frame.
  • Judge Scott suggests that while bitcoins may not be money at the moment, that could change: “The Court cannot rule out the possibility that widespread, ordinary use of bitcoins as money could occur someday, but that simply is not the case now[.]” Something that is not currently a crime could become a crime with no intervening statute or regulation. That seems troubling.