Cryptography is central to keeping blockchains secure, and in cryptographic logic exercises, Alice (A) passes information to Bob (B). In BREAKER’s blockchain advice column, Alice passes useful advice to “Bob,” our anonymous reader. Have a question? Ask Alice here.
Q: Dear Alice,
I’m the only woman at my crypto meet-up and it’s awkward. I’m always asking questions about governance. They’re always asking me out. And they won’t stop! A friend of mine suggested I start wearing a fake engagement ring to conferences. Should I do that? Or do you have any better ideas? I’m tired of these guys acting like they’ve never seen a woman before.
Not going to smile more, Bob
A: Dear Bob,
My impulse suggestion? Run. Don’t stop until you get to the airport. There, you’ll find a kiosk for Aer Lingus. Buy a ticket, fly to Dublin, and get in touch with these women. I hear good things about their women-centered blockchain discussion group.
In all seriousness, I’m sorry to hear men are bothering you at crypto meet-ups. Frankly, that sucks. It’s frustrating when people treat you a certain way because of your gender identity instead of your mastery of consensus mechanisms. It’s kind of like when people judge the crypto space based solely on some bros’ sleazy love of lambos, instead of the people who bid on a $75,000 CryptoKitty to help bring livestock to disadvantaged, rural communities. Or maybe the lambo judgment is accurate, and that’s why you’re writing to me in the first place.
Taking your friend’s advice and wearing a fake engagement ring sounds like a tempting alternative to getting harassed. Why not really commit and wear a false wedding ring? I hear that when certain lecherous men see wedding rings, they turn to stone.
However, you may be disappointed to find that that still won’t deter some men from seeing you as a potential date (I’m being polite, here) as opposed to a fellow person who’s interested in cryptocurrency’s potential to transform Walmart’s salad sales.
Plus, you shouldn’t have to pretend to be something you’re not so men will stop seeing you as one thing only. It’s the men who have the problem, not you, and they’re the ones who should change as a result. So next time you’re at a crypto meet-up and you start a conversation about governance only to get an “I’d like to govern you” response, take a moment to compose yourself. Then say, “What you said made me feel very uncomfortable. I’m happy to explain why, and then let’s actually talk about governance.” Respectful men will respect your boundaries.
If that doesn’t work? You could stick with the classic throw-your-drink in his face move, but why not get creative? John McAfee posted his number to Twitter a while back. When the guy who’s bothering you asks for your number a third time, give him McAfee’s instead.
Yours, Alice
Q: Dear Alice,
I have a terrible memory for passwords, but I’m all about decentralization. Hence my dilemma. I don’t want to keep my crypto with the $8 billion behemoth Coinbase, but I know if I forget my password (again), I can call them up and get it back. If I use my own personal crypto wallet, then I’m living the decentralized dream, but I’m also storing my keys solely in my sieve-like brain. What should I do? Compromise my decentralized ethos and risk losing my password—and therefore my crypto—forever? Or go to the centralized dark side?
Stressed about passwords, Bob
Dear Bob,
Keeping track of passwords in the digital age is tough. Between my CryptoKitty, dentist patient portal, Craigslist account, and four, separate emails, I have trouble myself. If you want to store the keys to your wallet a safe distance from your computer—instead of saving a Word doc on your computer labeled “passwords,” like I certainly don’t—you can try this tried and true method. After writing down your password on a piece of paper and dividing that paper into a bunch of different pieces, bury those pieces in different places within a seven-acre radius of your home and dig them up again when you need them most. Gray squirrels have been doing this with acorns for at least decades, and it works for them.
Assuming you are not a squirrel, however, let’s get down to brass tacks.
First, let’s talk Coinbase pros and cons. While Coinbase can certainly help you retrieve your password if you forget it, it’s also prone to hacks and phishing attempts. If you’re the kind of person who loses passwords, I’ll bet you have a few repeats. If you download malware and a nefarious phisher steals your Coinbase password, there’s nothing Coinbase can do to protect you, or stop that phisher from using it elsewhere. You surely know all about this, being against centralized platforms.
If you want to keep both your crypto-integrity and your cryptocurrency, you do have options. Cybersecurity expert Bojan Simic, CTO at decentralized authentication company HYPR, told me about a few. (We can get into the nuances of cold vs. hot wallets another time, but for now let’s just talk responsibility for remembering your own passcodes.)
One, you can share parts of the string of numbers or words that make up your wallet’s security keys with your friends, who can jog your memory if you forget. (For a deep dive into the pros and cons of having friends you can trust enough to both remember part of a password and not steal from you, please see here.)
Two, certain service providers will keep your password secrets safe for you. When you create your personal bitcoin wallet, you can get parts of your security keys sent to your email, phone, and one of those third-party services, which Simic said tend to be “anything but user-friendly.” Most of these are open-source projects and haven’t quite achieved the intuitive, commercial quality of something like, well, Coinbase. Simic named a couple options, like Multicrypt and Passguardian, but he can’t fully attest to their security.
Three, make your own third-party password-remembering service. Simic did it—you know, “just to prove that it can be done”—so surely you can, too.
If these solutions sound too complicated, you could seriously take a page out of the squirrel’s book. Stash your written passwords in a safe—just don’t keep it seven acres from your home. Or you could use this steel-made product that claims to keep your keys offline and “safe from the elements.”
Ultimately, the question of decentralized password ownership boils down to a trade-off. To get full control over your wallet, you’ll need to risk that password braving your “sieve-like brain.”
Yours, Alice