October 19, 2017
Somewhere in the mountains near Switzerland’s Lake Lucerne lies a hidden underground vault containing a vast fortune.
It’s no ordinary vault, according to Quartz. Built inside a decommissioned Swiss military bunker dug into a granite mountain, it’s precise location is a closely guarded secret, and access is limited by myriad security precautions.
But instead of gold bars, the bunker contains hard drives on which customers’ bitcoins are being kept in what’s call “cold storage” – i.e. the owners’ private keys are protected by an air-gapped hard drive. The vault is one of many operated by Xapo, an early bitcoin company known for its cold storage wallet products and a debit card that pays for transactions in digital currencies.
The company won’t disclose how much bitcoin is stored in the vault, but one employee who spoke with Quartz said he sometimes takes customers with millions of dollars in bitcoin on tours of the vaults where their fortune is stored. Xapo was founded by Argentinian entrepreneur and current CEO Wences Casares, whom Quartz describes as “patient zero” of bitcoin among Silicon Valley’s elite. Cesares reportedly gave Bill Gates and Reed Hoffman their first bitcoins.
As Quartz explains, the bitcoin vault doesn’t store actual bitcoin units. Instead, what’s being stored are the owners’ private cryptographic keys that allow the owner to access and transfer his or her bitcoins by matching the key with a public key that’s used to identify the coin on the blockchain. Gaining unauthorized access to someone’s private keys is akin to making off with a gold bar.
The inexorable rise in bitcoin’s valuation has been marred by notable hacking incidents like the collapse of Mt. Gox, which ushered in the longest bear market in bitcoin’s history. Security fears appear to have subsided as bitcoin’s price has soared to all-time highs, but incidents like the collapse of the DAO have inspired investors with substantial bitcoin wealth to look into protecting it.
To store the coins, Xapos contracts Deltalis, the company that technically operates the 10,000-square-foot data-center that now inhabits the decommissioned bunker.
Server racks for banks, and any client who needs secure data processing, fill a cavity dug over 320 meters deep in the granite mountain. The Swiss military built the facility in 1947, and it served as the army’s secret headquarters during the Cold War, Agence-France Presse has reported. Inside, walls covered with detailed maps and ancient radio electronics serve as vestiges of its military past.
To enter Xapo’s private vault in the Deltalis data center, visitors must endure an exhausting series of security procedures.
Streiff leads us to a concrete facade jutting out of the mountainside, the bunker’s entrance. We step through about a foot of concrete and enter the lobby. I sign in as I would at any office building, except I also have to present my fingerprints and be photographed. After that I step through a “man-trap”—a phone booth-sized cylinder made of bullet-proof glass that shuts me in until an operator opens the door on the opposite side.
Once through the man-trap, we touch our ID cards and pass through a set of steel revolving doors, then walk down a 100-meter long passageway through the granite. At the end of the passageway are two red steel doors that I’m told can survive a nuclear blast. Streiff invites me to try to close one—my 90 kg (198 pound) frame can’t budge it. “They’re closed every night,” he tells me, showing me how to hang off the handle and use his body’s momentum to gradually swing it shut.
Streiff and Kon are taking me to see Xapo’s “private suite,” an ultra-secure, customized, portion of the data center. We pass through a second man-trap and then end up in front of a nondescript white door. “This is further than anyone outside Xapo has been,” Streiff tells me, as he unlocks it. Inside is a space about the size of a walk-in closet containing a cooling unit, and yet another door. But that’s as far as they’ll let me go, and I’m not allowed to take photographs.
Security is similarly tight inside the vault. Nobody is allowed the enter the “cold room” where the bitcoins are stored on air-gapped hard drives. To protect against an electromagnetic pulse attack, the cold room is equipped with a Faraday cage, a type of barrier meant to block electromagnetic fields.
Beyond that door, I rely on what Carlos Rienzi, Xapo’s head of security, tells me later, when I’m back in London. Rienzi chose the vault for Xapo, and he designed the private suite and its security protocols. His “threat model,” as computer security jargon goes, is to protect against attacks from “well-funded terrorist groups or hackers.”
There are two more portals inside the suite: the first leads to an operators’ room, and the second to a “cold room.” The cold room is encircled with steel slabs to form a Faraday cage: a barrier that protects against a possible electromagnetic pulse (EMP) attack that could wipe out the data—and thus the keys to the bitcoin—stored in the room. For digital assets like bitcoin, thick walls and a secret location are not enough. A shield against invisible modes of attack like an EMP bomb must be provided for.
No one, not even the operator, enters the cold room. Its door is sealed with tape—like a crime scene—to ensure it’s not tampered with. The cold room contains hardware, which is never connected to the internet, used to sign bitcoin transactions. Signing a transaction can be performed offline. The operator accesses that hardware using “special cabling,” sending encrypted data to the hardware for signing. Finally, before a transaction can be approved, two more sign-offs, in two other vaults located on separate continents, must be performed.
I ask Rienzi if he feels pretty confident about the security measures he has in place in Switzerland. “We are under attack 24/7,” he tells me, referring to the terrorists and hackers he designed the vault to guard against. “This is not a race. It is a chess game. You have to think about the opponent’s next movement. You can never relax.”
Of course, all the security measures in the world can’t protect investors from a sudden plunge in the bitcoin price. However, the digital currency’s indomitable – for now – performance has silenced at least one of its most prominent critics. Then said, unlike precious metal specie, one carefully targeted EMP would be all it takes to sever the ownership chain for a long, long time.
Still, with the digital currency recently reaching yet another record high, despite relentless jawboning and rhetoric by everyone from Jamie Dimon to central bankers to China, we can only imagine the business of protecting bitcoin fortunes is set to boom.
This article was posted: Thursday, October 19, 2017 at 6:54 am