Skip to main content

BitGo Launches Platform API Opening Its Bitcoin Security Infrastructure to the Masses

Op-ed - BitGo Launches Platform API Opening Its Bitcoin Security Infrastructure to the Masses

Earlier today, Palo Alto­ based Bitcoin security service provider BitGo announced the general availability of the BitGo Platform API, which will allow developers to fully leverage, for the first time ever, the enterprise ­grade security features of BitGo’s multi­sig HD wallet in their own applications

The launch of this particular service stands to be a turning point in the Bitcoin industry. That’s because all companies, whether general merchants or Bitcoin service providers, are now capable of integrating the Bitcoin protocol into their core product without being forced to give up control of their bitcoins to a third party, or without facing the multiple and complex Bitcoin security challenges that have brought otherwise strong companies to their knees.

A bit of non­technical explanation here: API stands for “application programming interface,” a set of tools that allow developers to integrate functionality into their software that they would have otherwise had to build themselves. Instead of having to manually write and maintain a secure wallet, companies are now able to simply integrate BitGo’s secure wallet into their software. That leaves them free to focus on taking full advantage of Bitcoin as it relates to their product, rather than worrying constantly whether their integration of Bitcoin will produce a potentially devastating security vulnerability. Simply put, Bitcoin can now be integrated into products faster and more securely than ever before.

To realize how important this is, it may be useful to take a brief tour through a couple of recent security breaches in the Bitcoin world.

Probably the most notable and widely reported incident in Bitcoin’s history was the loss of 850,000 bitcoins held at the now bankrupt Mt. Gox exchange in Japan. At Bitcoin’s peak price, Mt. Gox was holding roughly $1 billion worth of customer funds—while its software was developed and maintained predominantly by a single inexperienced engineer.

There are many theories in circulation about exactly how and why Mt. Gox lost its bitcoin holdings, but one thing is certain: The company was not following appropriate security measures relative to how much value it was storing.

Across the world, on January 4th, six years and a day after Bitcoin’s initial introduction, the Slovenia­-based Bitcoin exchange Bitstamp also suffered a security breach in its hot wallet software. The breach resulted in the loss of 19,000 bitcoins—a small amount relative to Bitstamp’s total bitcoin reserves, but still of grave concern to them and the larger crypto world. But what followed was very different than the situation at Mt. Gox.

The day after discovering the security breach, Bitstamp took its service offline and began rebuilding its entire exchange platform. By January 9th, the rebuilding process was complete and Bitstamp announced the relaunch of its services. During the relaunch, Bitstamp became the first major Bitcoin exchange to integrate BitGo’s multi-sig technology via the now public BitGo Platform API. Nejc Korič, CEO of Bitstamp, had this to say: “BitGo is the only company in the industry we trust to secure our hot wallet. The integration was very straightforward, and now I can sleep better at night knowing that my customers’ holdings are secured with BitGo.”

It didn’t take long for other leading companies in the Bitcoin space to begin updating their architecture with the BitGo Platform API. Among them are Lamassu, a Bitcoin ATM with 40 market share, LibraTax, accounting software for Bitcoin taxes and bookkeeping, and TradeBlock, a digital currency data company (backed by the noted VC firm Andreessen Horowitz) offering an institutional order management platform.

In addition to announcing the public availability of its API and first set of platform developers, BitGo confirmed that its flagship product, the BitGo Enterprise web wallet, is in fact built over the new Platform API. This interesting bit of news implies that BitGo’s API has already gone through extensive real world testing by powering the company’s very own suite of products.

Like BitGo’s other products, BitGo holds one key for each wallet created using their API and acts as a co­signer for all bitcoin transactions. Before co­signing, thereby allowing an irreversible transfer of bitcoin to take place, BitGo validates the requested transaction against a set of fraud detection, business logic and treasury policies. BitGo does not control your bitcoin because they only have access to one key, two are required to perform a transaction. Under normal circumstances, one would use their own private key in conjunction with BitGo’s in order to initiate a transaction. In the event BitGo’s server went down or one wanted to move their bitcoin without requiring BitGo to co­sign, a third emergency private key is available to the user which allows them to bypass BitGo completely.

With the total amount of venture capital investment into Bitcoin now topping $400 million and merchants including the likes of Microsoft, Dell, Dish Network, Expedia and Intuit looking to further build out their Bitcoin offerings, the BitGo Platform API looks to be hitting a sweet spot in the market. As fewer CIOs and CTOs ask one another, “What is this Bitcoin thing?” and instead ask, “What is your Bitcoin strategy?”, scalable security solutions are bound to play an ever-­increasing role in Bitcoin’s adoption rate. End users should thus expect to see more companies integrating their products further with Bitcoin while suffering far fewer security breaches.

As for the people behind the enterprise, BitGo’s founders consist of:
• CEO Will O’Brien, a former executive at Big Fish Games, which last November was bought for $885 million by Churchill Downs;
• CTO Mike Belshe, a founding member of Google’s Chrome team and co­inventor of the SPDY protocol, which has forced the Internet Engineering Task Force to finally begin work on HTTP/2, for which SPDY served as the base implementation;
• CPO Ben Davenport, who sold his startup Beluga to Facebook in 2011. Beluga went on to become Facebook Messenger.

BitGo launched the world’s first multi­sig wallet, invented by Belshe, back in August, 2013. The following year, Gavin Andresen, chief scientist of the Bitcoin Foundation and Bitcoin’s lead core developer, stated, “This is the year of the multi­signature wallet.” With the introduction of an enterprise­ grade multi­sig wallet API, 2015 appears to be the year that infrastructure companies can confidently begin storing more and more value on the Bitcoin blockchain.