The San Francisco based company had submitted a patent request to the United States Patent and Trademark Office (USPTO) on February 4th last year, adocument of which was published yesterday, on April 30th 2015. The document reveals BitGo’s application in which it is seeking a patent for a network device that is “configured to receive public keys, over an electronic network, of two or more second public-private keys,” something that is reportedly identical to the multisig functionality.
The controversy however is surrounded more around a term called “prior art”. As per a new law effective since September 16, 2012, USPTO requires patent applicants to submit a concise description of the borrowed technology, six months from prior to its publication. But as the Redditors believe, BitGo intentionally never mentioned that their “invention” is inspired from a third-party prior art — an open-source software.
First claim of 20150120569:
A memory device having instructions stored thereon that, in response to execution by a processing device, cause the processing device to perform operations comprising: obtaining a first public-private key pair; receiving over an electronic network public keys of two or more second public-private key pairs; and generating a digital currency address using the public keys of the two or more second public-private key pairs and a public key of the first public-private key pair.
From the specification:
Digital currency or cryptocurrency addresses (where your digital currency or cryptocurrency is stored) include Bitcoin addresses. Bitcoin addresses are secured today using public key cryptography and the Elliptic Curve Digital Signature Algorithm (ECDSA). This offers reasonable security. But the secret keys used within ECDSA are lengthy 256 numbers—not conducive to memorization, meaning that they key is typically stored on a tangible medium. The security of your bitcoin hinges on how safely you can protect this key stored on a tangible medium from others. To help us protect and manage our keys, users employ bitcoin wallets. There are many wallets available to choose from, and each offers its unique benefits for ease of use, security, and features.
Wallets can be divided into two basic categories: Client-side Wallets and Web Wallets. Client side Wallets, such as the original Satoshi Client, run locally on the user's computer. Web wallets are hosted on a web site and require no custom software installation from the user.
The advantage of a client side wallet is that your bitcoin keys are entirely under your own control. No intermediaries are required to help you transact. The disadvantage of the client side wallet is that the security is entirely your own. In effect you are the guard of your own bank. As such you need to: prevent malware and viruses from stealing your keys; maintain and update proper backups of your keys; and enforce physical security of the computer(s) containing the keys (e.g. locked with an encrypted hard disk).
Transacting with your bitcoins from multiple computers can be difficult, as it requires you to transfer the keys safely between multiple computers. Further, because most users take extra precautions with their passwords for their bitcoin cash, forgetting or losing unusually ‘strong’ passwords becomes a real threat of loss.
Web Wallets have the advantage that they are accessible through the web, from anywhere. The web site hosting your wallet needs to be a trusted party, as they often require direct access to your keys, or they may hold your keys while you don't have them at all. Assuming that the website does a good job managing the security of your keys, this can be an advantage, as you don't need to do it yourself. However, a web site holding many keys for millions of users is a very obvious target for attackers. If the web site is hacked, you will lose your bitcoin. Similarly, if the website is shutdown due to improper regulatory compliance, you will lose your bitcoin as well.