Inside A Swiss Nuclear Bunker’s Secret Bitcoin Vault
Authored by Gareth Jenkinson via CoinTelegraph.com,
It sounds far-fetched, but it’s true. A vault in a secret nuclear bunker in the Swiss Alps protects a significant amount of Bitcoin.
Cointelegraph visited the facility to see how multiparty computation (MPC) shards stored in bunkers are used to provide bleeding-edge security to one of the world’s first Bitcoin banks.
Every Bitcoiner knows the phrase “not your keys, not your coins,” but you can’t keep hiding your hardware wallet or seed phrase under your mattress forever. With an estimated 2 million BTC irrevocably lost, how and where you store your BTC remains one of the most challenging aspects of owning the digital asset.
It sounds far-fetched, but it’s true. A secret nuclear bunker in the Swiss Alps houses a vault safeguarding #Bitcoin worth more than $100M 💵💵💵
I visited the site firsthand on a personal invitation by @xapobankapp. Here’s what I learned 👇
🔒 The vault is protected by layers… pic.twitter.com/B8vTIfwtaf
— Gareth Jenkinson – Token2049 🦙 (@gazza_jenks) September 26, 2024
For some, holding their BTC on an exchange is a risk they’re willing to take. Others move their Bitcoin into cold storage.
Those comfortable enough to entrust their BTC to a third party can choose the services of industry first-movers such as Xapo Bank, which uses a series of underground bunkers to safeguard their clients’ Bitcoin.
The “Fort Knox” of Bitcoin
“You’ve got another five minutes, then I need you to hand over your phone,” said Albert Rocca, Xapo’s senior HQ account manager.
The former career detective slipped our smartphones into an inconspicuous backpack as our helicopter chopped its way into the Swiss mountains. The bag’s inner compartment is a Faraday cage, cutting off our devices from any connectivity and making our location untraceable.
The helicopter touched down at a small landing strip nestled under the shadow of a steeply ascending vista. At its base is a smoothed-out granite surface with a single, military-style bunker door. It’s the first of many hermetic vault doors barricading the unknown mysteries inside.
Entering this bunker involves an exhaustive security check. After an ID check and pat-down, visitors are given a magnetic card that they must use to enter various points throughout the facility.
The first major barrier to entry is the six-ton vault door designed to withstand a nuclear blast. The guard scanned his retina and entered a code updated every minute before the massive door gradually swung open.
The most significant vault door leading into the facility weighs six tonnes. Source: Xapo Bank
Our group then moved into a smaller space with another barrier. This time, a man-trap enclosure with bulletproof glass on either side is used to measure visitors’ weight and height. This biometric data is linked to the magnetic card identifying you as you move through the facility.
Finally, we entered the bunker and were met with a tunnel of exposed rock winding into the mountain for about 30 meters, which led to the next set of security doors. This point requires entrants to perform a specific movement to move through, which is another deterrent to bamboozle unwanted guests.
The bunker is one of a handful in Switzerland that is dry, meaning that sections of its corridors are painted over exposed rock. Source: Xapo Bank
Behind this door is a corridor with vault doors on either side. Our entourage made its way to the door that accesses Xapo Bank’s vault.
Andrew Mannoukas, Xapo’s chief information security officer, is one of a select few who can access the innermost room inside the vault. On this visit, his credentials were revoked so he wouldn’t be taken hostage and forced to give us entry.
A small section of the bunker houses a number of infrastructure services secured by biometric scanners. Source: Xapo Bank
Behind the final door is the MPC shard, one of a number stored in vaults around the world. It is required to sign transactions to manage Xapo Bank’s BTC holdings.
According to Mannoukas, the sheer number of redundancies safeguarding the infrastructure makes it nearly impossible for an attacker to take control of the bank’s BTC.
“Why the vaults? It’s all about defense in depth. The physical security — those military-grade bunkers — adds another crucial layer of protection. It guards against insider threats, natural disasters and physical theft attempts,” Mannoukas explained.
Xapo’s shards are distributed globally at undisclosed locations and held by different entities whose exact locations are unknown to each other.
This geographical dispersion is designed to ensure that no single individual, organization or entity can access all of the shards, as doing so would effectively grant them control over the full private key.
Bunker prepared for everything
Xapo Bank’s vault is one of many services housed in the secret bunker. The owner, whose identity is withheld to maintain the site’s security, acquired the facility in a joint venture with the Swiss Air Force in the 1980s.
Now independently owned, the labyrinthine bunker houses all sorts of infrastructure, goods and assets.
The facility maintains all of its nuclear-resistant features. It houses two one-megawatt diesel generators and an intricate HEPA air filtration system that removes pollutants, including toxins and radioactive particles.
Two one-megawatt diesel generators automatically startup in the event of power failure, giving the facility a powerful backup energy source. Source: Xapo Bank
It also uses an underground lake to cool server rooms and other utilities within the bunker, eliminating the need for power-intensive air-cooling systems.
Different sections of the bunker have higher security clearances. Access to a hidden emergency exit requires permission from a remote security service. The tunnel is equipped with a timer, and ambient green lights illuminate the passage during the allotted time for crossing.
The bunker has numerous hermetic doors breaking up entry points to various sections of the facility. Source: Xapo Bank
Another six-ton door guards this entrance. The entry point still features a military-era deterrent — a small chute that allows a guard to drop a grenade into the corridor outside. The bunker is truly a surreal experience. It blends decades-old Swiss bunker construction with cutting-edge technology and infrastructure.
Swapping multisig for MPC
Xapo Bank shifted away from multisignature signing to protect its Bitcoin holdings in 2023.
The company has used these bunkers since its inception in 2013, and the multisig process involved guards manually completing hot and cold wallet BTC movements daily.
MPC technology has made this redundant. Homomorphic encryption has completely removed the risk of exposing private keys, adding an additional level of security assurance.
Mannoukas explained the MPC signing process as a group of chefs cooking a dish together, with each chef having a secret ingredient.
The chefs add their ingredients to the pot without showing them to each other. They stir the pot together, following a special recipe that mixes everything perfectly. In the end, everyone tastes the final dish, enjoying the combined flavors, but no one knows exactly what ingredients the others added:
“This is similar to how MPC works in that each chef involved (MPC shard) contributes their piece of the signature without revealing it, and when combined, these shards create a valid signature that is able to sign the transaction.”
This way, the group can authorize the transaction securely without any single person or entity holding the complete private key or the private key ever being assembled.
No expense has been spared in delivering this level of security. The bunkers alone cost millions of dollars annually to use.
The combined security measures remain one of Xapo’s major drawcards. Its clients forego the responsibility of self-custody in exchange for technology and infrastructure that most modern banks don’t employ.
Tyler Durden
Thu, 09/26/2024 – 10:55