Cryptocurrency Frequently Asked Questions

By Christopher Moschella, CPA, CISA, Risk Advisory Services Senior Manager

Cryptocurrency Frequently Asked Questions

Cryptocurrency and Blockchain FAQs Answered

Cryptocurrency, Blockchain, and Bitcoin are terms used daily in the media and in various conversations. Below is a list of frequently asked questions collected from attendees of the March 16, 2021, Keiter webinar Cryptocurrency and Blockchain: The Basics Behind the Buzzwords (2021), see the recording here. Keiter’s Senior Manager in Risk Advisory Services, Chris Moschella, has provided insights to answer the questions gathered from the presentation below.

Who are the users?

The users are individuals or companies that submit transactions into the blockchain network to be validated and processed. The banking equivalent would be you logging in to your banking account and submitting a transaction to send money to another account.

Who are the miners?

The miners can be anyone, including you! Though not advisable these days, you could download a mining software, install it on your computer, and set your computer on its way to trying to “solve the block” by finding a valid hash that meets the work requirements.

The reality is that these days, mining has mostly moved out of the garage and into professional facilities with huge numbers of Application Specific Integrated Circuit (ASIC) computing devices doing the mining rather than that extra computer you had laying around. ASICs are specialized equipment designed to process the hashing function as quickly as possible.

Some miners pool their resources together with other miners into “mining pools.” By doing that they increase the chances that they will find the hash that meets the work requirements, but they also share in the reward if anyone from the pool finds the hash.

What happens if the wallet ID is lost?

Losing the wallet ID should not cause too many problems, as long as you still have your private key. The private key is used to generate the public key and the wallet ID. Most wallet software should let you import a private key.

If you lose your private key, however, you won’t be able to submit transactions into the Bitcoin network, making your Bitcoin completely inaccessible. Bitcoin from lost keys is still on the network, but for all practical purposes, it is gone.

Have any crypto currencies been hacked? What are the chances of an attack?

The main target for most attacks seems to be the cryptocurrency exchanges. For exchanges to work, they must protect the private keys of their customers. If a private key is stolen or lost, the cryptocurrency is as good as gone. This happened in the a very high-profile attack of Mt. Gox, a Japanese exchange, in 2014 when an attacker stole 740,000 Bitcoin from Mt. Gox customers! Read more here.

And then there was the case of QuadragaCX. The CEO, who was the only one who knew the password to access the private keys in cold storage, mysteriously died on his honeymoon in India from complications from Crohn’s disease, according to a sworn affidavit by his wife. The company’s customers were out their crypto that was valued at $170 million in December 2018. Read more here.

There was also a prominent hack of “The DAO,” which was a decentralized fund that ran on Ethereum. A vulnerability was found, exploited, and funds were stolen. Read more here.

Bitcoin, the protocol itself, has never been hacked (that we know of).

Are there ways for miners to mitigate competition with other miners?

Yes, miners can join forces with other miners in mining pools. By doing so they increase their collective odds of beating the other miners to “solving the block.” The downside of being in a mining pool is that you split the reward based on the amount of “hashing power” you contribute.  Read more here.

How long does it take for the nodes to come to a consensus regarding the work performed by the miner? Is this seconds, minutes, hours, a day?

I was having difficulty finding authoritative information on how much time the consensus process itself, apart from the mining, takes for Bitcoin. However, the consensus process is meant to be very fast. The nodes are not redoing all the mining, just validating the final solution provided by the miner. Because a block is supposed to be added every 10 minutes, and the vast majority of that time is consumed by mining my inclination is to say seconds.

Do Altcoins use the same processes to validate work/transactions as Bitcoin? Are they as secure as the blockchain utilized by Bitcoin?

With over 4,000 AltCoins, engineers have developed some really creative ways to validate transactions without the energy intensive Proof-of-Work model used by Bitcoin and others. I recommend researching Proof-of-Stake as an alternative to proof of work. This is the model being pushed in Ethereum 2.0. There is also the interesting approaches taken by Stellar, Ripple, Cardano, and others.

Whether these other blockchains are as secure as Bitcoin is not something I can readily answer. I can say that no blockchain is as proven as the Bitcoin blockchain, but that does not mean others are not secure.

How do the miners make money on the transaction?  If they are awarded Bitcoin how does that impact the supply?  Who can be a miner? What does it cost for a user to submit transactions to the network?

Miners earn money (Bitcoin) in two ways. One is the reward from the network itself for solving the block before the other miners. Presently the reward is 6.25 Bitcoin. This does increase the supply, but because the reward is cut in half every 210,000 blocks, eventually the reward will go to zero, and at that point, there will be about 21,000,000 BTC in circulation. So, although new Bitcoin is created every 10 minutes, which increases supply and is inflationary, this is balanced, at least in part, by the deflationary constraint of the knowledge that there is a hard limit on the number of Bitcoin that can ever exist and the rate of new Bitcoin supply is ever decreasing.

The second way miners earn money is from transaction fees. Individuals submitting their transactions into the network can incentivize miners to prioritize their transactions over others by providing voluntary transaction fees to the network. As the mining rewards get smaller through the halving process described above, the expectation is that the transaction fees will continue to increase. As I type this on 3/16/21, some of the recent totals for transaction fees for entire blocks range from 0.448 BTC to 1.094 BTC. At this moment in time, if you want your transaction to be included in the next 1-2 blocks on the Bitcoin blockchain, you can expect to add a transaction fee of about $50 – $60. Clearly not something you are going to do to buy a cup of coffee, but something you might be willing to do to buy a Tesla. If you are willing to wait an hour for the transaction to settle, you can expect to only pay about $22. All these values are based on the value of BTC to USD on March 16, 2021. Check current fee estimates at BLOCKCYPHER. As you can probably infer from the context above, transaction fees simply move Bitcoin that already exists, so it is not creating new Bitcoin.

You referenced the use of Bitcoin for bad actors. The lack of traceability affords for criminal acts. Cyber extortion being the key bad act that I have experienced.  When will it get so bad that the government has to do something about this?

Warning: My opinion to follow. Not Keiter’s opinion.

The government probably could step in if Bitcoin were centralized. But because it is a worldwide decentralized network, there is little the government could do to stop foreign crime syndicates from using it, even if it wanted to. While it is true that Bitcoin, and crypto in general, is a favorite payment method of cybercriminals, it’s also true that the U.S. dollar has been a favorite of criminals from drug dealers to Bernie Madoff for quite a lot longer. Combine that with the fact that Tesla, MicroStrategy, Square, major banking institutions, and other more legitimate users are getting in on the crypto game, I think the likelihood that the government will attempt to shut down a cryptocurrency is getting smaller by the day.

What are the perceived risks, if any, to Bitcoin, now that big banks are getting into mining?

Warning: My opinion to follow. Not Keiter’s opinion.

This probably depends on the cryptocurrency. For Bitcoin, a risk would be that banks would have resources to mount a 51% attack if they controlled the majority of the network’s hashing power.

Another risk I’ve heard discussed is that opening the paper market for crypto futures could be used to manipulate the true value of underlying asset, something not exactly unheard of.

With my tinfoil hat firmly affixed, I think it is fair to be skeptical of the big banks’ involvement with crypto. Cryptocurrencies have the potential to obviate at least some banking services. So, when I see them embracing cryptocurrencies, I think it is fair to be a little suspicious of their motives.

Can you reiterate why people are interested in cryptocurrency/bitcoin? What are the benefits/what do they gain?

This is a very complex question, and there are diverse reasons people like cryptocurrencies like Bitcoin. I would encourage you to find some informative articles on the topic in addition to what I have below, and please note that I am not expressing an opinion on the validity of the reasons, just that these are some of the reasons I see people cite:

  • Decentralized/No Government Control
  • Speculation
  • Cryptocurrencies in the form of Utility Tokens can be used to raise capital
  • Non-fungible tokens (NFTs) used as digital collectibles and proof of ownership for unique digital items
  • A form of push back against central bankers and government spending
  • Fast and inexpensive transactions
  • Easily and quickly access your crypto in a foreign country as a Plan B
  • Foundational tech for decentralized finance
  • It’s the new hotness, innovative, novel, and shiny!
  • Payment processing and banking services when you’ve been “cancelled’ by other banking institutions
  • It can eliminate expensive middlemen/escrow services
  • Security in a trustless environment

Share this Insight:

About the Author


Christopher Moschella

Christopher Moschella, CPA, CISA, Risk Advisory Services Senior Manager

Chris is a Senior Manager in Keiter’s Risk Advisory Services. Chris has a strong combination of IT skills, which range from IT audit and internal control assessments, including general computer controls and application controls, to full stack web development. Most recently, Chris developed a Cybersecurity web application that assesses an organization’s resistance to social engineering attacks. Chris shares his cybersecurity insights on our blog.

More Insights from Christopher Moschella

The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.

Categories

Contact Us