how coin exchanges protect them self against stealing coins?

Let suppose we have e-shop where you can buy with bitcoins. In this case, there is bitcoind that have locked wallet. In fact this wallet is never unlocked, because you can have another wallet on different computer with same wallet.dat file.

So in case of e-shops, even website is hacked and the hacker have full access of the server, he / she will not be able to steal any coins.

However in case of coin exchanges, there must be automatic withdrawal process. I am sure some exchanges withdraw money manually, but exchanges like Bitstamp, Bittrex, Binance, CoinExchange.io and others have such high volumes and this definitely can not be done manually.

How these exchanges protects against hacks?

Because the wallets must be unlocked, so all hacker need to do is to type bitcoin-cli send ....

If the wallet is locked, hacker might find the password somewhere on the server. Then he / she might unlock the wallet and send the coins.

Other way is hacker to "insert" his payment in payment queue and the system will send the coins for him.

bitcoind

Nick

Posted 2019-08-29T17:24:39.637

Reputation: 191

I'm voting to close this question as off-topic because it isn't specific to Bitcoin, it applies to any currency exchange or similar online financial service. The Bitcoin protocols and reference implementation don't specify how exchanges should secure their servers. – RedGrittyBrick – 2019-08-29T18:05:02.507

you are correct. this is not bitcoin specific, but crypto specific. still I don't think question must be closed. – Nick – 2019-08-29T18:22:40.880

Answers

(Sane) Exchanges don't store keys on an online, publicly accessible server or instance of bitcoind.

The normal approach is to set up a minimum of three wallets:

The receiver wallet - This wallet controls the addresses given to users to deposit their coins to. It is good practice to keep such keys entirely offline, as it is uncommon to need to move the BTC immediately after a deposit is received. Instead, exchanges tend to sweep the funds deposited over the last day/week every once in a while. These occasional txs can easily be signed offline and broadcasted when needed, asynchronously from the day to day operations of an exchange.
The cold wallet - This wallet is, once again, an offline wallet and holds the majority of the exchange's coins. Coins from the receiver wallet addresses are sent here. Additionally, cold wallets tend to use multisignature scripts/contracts to ensure that no single operator can move funds unilaterally. Usually, the founders/high level employees of an exchange will hold keys to this wallet, and multiple people will be required to sign a transaction before coins can be moved.
The hot wallet - These are usually the only keys that are available on a server. Even so, the server holding these keys will generally not have external internet access, and will only be accessible over the exchange's private network, and only from certain, authorized applications holding the correct credentials. This wallet contains a limited amount of coins, usually small enough that in the event of a hack, the exchange's own funds are able to cover the losses.

Raghav Sood

Posted 2019-08-29T17:24:39.637

Reputation: 10 897

Can you pls elaborate how hot wallet is "filled" up? is is manual process? – Nick – 2019-08-30T13:21:27.753

1It is usually a manual process, requiring multiple people to agree to send coins from the cold wallet - larger exchanges often have "warm" wallets, which require less people to agree for efficiency reasons, but are still more restricted than the hot wallet in where they can send coins to – Raghav Sood – 2019-08-30T15:41:00.177

that was extremely helpful – Nick – 2019-08-30T18:55:18.847

Remember that bitcoind is a reference implementation, but bitcoin itself is the abstraction of it.

In production environments not always you run the same software as in a desktop.

There are other bitcoin implementations that are meant for use in production systems at scale. One of them is called bcoin by the folks at purse.io and open sourced. And there are others more even.

FKrauss

Posted 2019-08-29T17:24:39.637

Reputation: 111