Bitcoin Security Initiative

Bitcoin’s (un)common good 

Digital Currency Initiative at the MIT Media Lab Launches New Bitcoin Software and Security Effort with Industry Leaders

Thanks to millions of open source developer hours over the past 12 years, and a burgeoning and supportive ecosystem, Bitcoin is no longer an obscure cryptographic toy. It is now an open-source financial network that secures on the order of $1T of value. 

As the use of Bitcoin grows, and as it becomes more deeply embedded into our societies, the security of the network must grow and strengthen alongside it. Yet, as a common good, there is no one single Bitcoin protector or guardian to take on this formidable task. By design, there is no central command. And while this presents significant logistical challenges, it is also the distinguishing feature perhaps most unique to Bitcoin: no central point of failure. Bitcoin's nearly-uninterrupted operation over the years is a testament to the power of decentralization.

That said, a lack of central organization does not mean there is no need for thoughtful focus and coordination to continually reinforce Bitcoin’s security and preemptively shore up any vulnerabilities. 

Moving into the future, strategically supporting the development of Bitcoin will require understanding and proactively addressing a particular type of risk: protocol risk. Unlike traditional assets, Bitcoin is software running on a decentralized network. Bitcoin's security is predicated on the accuracy and robustness of the software and hardware running it, and the actions of those participating in the network. 

With this in mind, DCI has established a new Bitcoin Software and Security Effort. The four-year research and development program is designed to continue to harden the Bitcoin network and steward the industry's commitment to funding open source software. This will include contributing to Bitcoin Core development as well as rigorous long-term research, such as investigations into the stability of fee-based rewards and software to provide strong robustness and correctness guarantees. It will also include attracting domain experts in network and operating system security, compilers, programming languages, and more to join the effort.

A second important goal of this effort is to help reduce bottlenecks in the development ecosystem which might lead to centralization. Crucially, effort must be taken to ensure that critical knowledge, not only around the technology itself, but also around key processes, is systematically recorded and passed down to harden security and improve resilience. 

The objective of DCI’s new program is to contribute neutral, expert resources to improving the robustness of the Bitcoin protocol. Bitcoin’s security is foundational to the underlying technology’s continued evolution, as well as the broad realization of the public-good promises of digital currencies.

To fund the new four-year program, DCI has reached out to a cross-section of industry leaders, and we're proud to share that we’ve received $4M in charitable contributions towards our $8M goal. These resources will be used to hire open source developers and researchers, and to kick off an ecosystem-wide focus on longer-term strategies to harden the underlying protocol. 

Over the coming four years, DCI will focus its contributions to the Bitcoin community in four core areas of R&D: 

  • Sustaining a growing senior team of Bitcoin developers (Bitcoin Core and related infrastructure), moving from three to eight researchers and engineers, and expanding our expertise to meet new threats

  • Building up long-term defenses against layer-1 Bitcoin Core bugs by, for example supporting modularization efforts, researching safer programming paradigms and languages, and adding formal verification where possible

  • Preemptively investigating, monitoring, and strengthening the software against attacks, as well as researching the long-term economic security of the system  (e.g. the economic security of fees vs. inflation)

  • Improving automation, writing new tests and security tools, and decreasing reliance on scarce experts

Founding contributors to the DCI program include Alex Morcos (MIT '98) and Suhas Daftuar (Chaincode), CoinShares, Meltem Demirors (MIT Sloan '15), Jack Dorsey, Fidelity Digital Assets, Cameron and Tyler Winklevoss (Gemini), Reid Hoffman, Michael Saylor (MicroStrategy, MIT '87), and John Pfeffer.

Meltem Demirors, chair of the funding efforts, notes, “At CoinShares, we have a strong commitment to funding research and development that makes Bitcoin even more sustainable and secure. We’ve enjoyed collaborating with academic institutions like MIT, as well as hiring in-house researchers to further these goals. In the years ahead, I look forward to working with industry peers to promote a culture of sustainable open source funding in the Bitcoin community.”

Michael Saylor, Chairman and CEO of MicroStrategy, adds, “Bitcoin is the most important innovation since the advent of the internet, and it is our responsibility to invest not only in the asset, but also in the underlying infrastructure that is maintained and improved by open-source developers and nonprofit institutions like MIT’s DCI.”


Researchers and Collaborators