Financial and Monetary Systems

This former military bunker in the Swiss mountains is keeping Bitcoin safe

The Aiguille Verte mountain summit is pictured on the Mont-Blanc Massif from Emosson, Switzerland, August 9, 2017. REUTERS/Denis Balibouse

Keys are being stored in bunkers in Switzerland that provide access to the balance on the bitcoin network Image: REUTERS/Denis Balibouse

Joon Ian Wong
Technology Reporter, Quartz

I’m being driven along the eastern shore of Lake Lucerne when my guide points out our destination. “The bunker is in one of those mountains,” says Maxim Kon, gesturing at a fog shrouded peak on the opposite shore as he pilots his BMW convertible.

Kon is taking me to see one of the vaults where Xapo, the company he works for, stores its customers’ bitcoins. It’s no ordinary vault: I’ve been told it’s inside a decommissioned Swiss military bunker dug into a granite mountain. Its precise location is secret, and access is limited by security measures that would put a Bond villain to shame.

Kon won’t tell me how much bitcoin is stored in the vault, but he says he sometimes takes customers with “millions” of dollars worth of the cryptocurrency stored with Xapo to tour the vault. It’s odd to think of a virtual currency needing physical storage, but just like your most precious photos, even a cryptocurrency needs some kind of material container. Xapo’s founder is the Argentinian entrepreneur Wences Casares, the “patient zero” of bitcoin among Silicon Valley’s elite. It was Casares who gave tech luminaries like Bill Gates and Reid Hoffman their first bitcoins.

A bitcoin vault doesn’t store actual bitcoin units. Technically, what’s being stored are private, cryptographic keys. These keys form a pair with particular, public-facing, keys and provide access to the balance of coins stored on the bitcoin network. Gaining unauthorized access to someone’s private keys is akin to making off with a gold bar.

Stories of hackers finding their way through even the best secured accounts are legion, and it’s ironic that bank-like methods have to be used to keep cryptocurrencies safe. If someone gets hold of your private key, there’s no way to claw the funds back or demand a refund. That’s why a firm like Xapo that stores bitcoin is a juicy target for hackers—and why it requires paranoiac levels of security.

Have you read?

We pull off the highway and onto a single-track road. We’re surrounded by grazing cows and the odd hiker. A few minutes later we’re at the foot of a mountain, separated only by a 3-meter tall (10 ft) gate. We are met by Michel Streiff, who works for Deltalis, the company that runs the facility.

Deltalis operates the 10,000-square-foot data-center that now inhabits the decommissioned bunker. Server racks for banks, and any client who needs secure data processing, fill a cavity dug over 320 meters deep in the granite mountain. The Swiss military built the facility in 1947, and it served as the army’s secret headquarters during the Cold War, Agence-France Presse has reported. Inside, walls covered with detailed maps and ancient radio electronics serve as vestiges of its military past.

Streiff leads us to a concrete facade jutting out of the mountainside, the bunker’s entrance. We step through about a foot of concrete and enter the lobby. I sign in as I would at any office building, except I also have to present my fingerprints and be photographed. After that I step through a “man-trap”—a phone booth-sized cylinder made of bullet-proof glass that shuts me in until an operator opens the door on the opposite side.

Once through the man-trap, we touch our ID cards and pass through a set of steel revolving doors, then walk down a 100-meter long passageway through the granite. At the end of the passageway are two red steel doors that I’m told can survive a nuclear blast. Streiff invites me to try to close one—my 90 kg (198 pound) frame can’t budge it. “They’re closed every night,” he tells me, showing me how to hang off the handle and use his body’s momentum to gradually swing it shut.

Streiff and Kon are taking me to see Xapo’s “private suite,” an ultra-secure, customized, portion of the data center. We pass through a second man-trap and then end up in front of a nondescript white door. “This is further than anyone outside Xapo has been,” Streiff tells me, as he unlocks it. Inside is a space about the size of a walk-in closet containing a cooling unit, and yet another door. But that’s as far as they’ll let me go, and I’m not allowed to take photographs.

Beyond that door, I rely on what Carlos Rienzi, Xapo’s head of security, tells me later, when I’m back in London. Rienzi chose the vault for Xapo, and he designed the private suite and its security protocols. His “threat model,” as computer security jargon goes, is to protect against attacks from “well-funded terrorist groups or hackers.”

There are two more portals inside the suite: the first leads to an operators’ room, and the second to a “cold room.” The cold room is encircled with steel slabs to form a Faraday cage: a barrier that protects against a possible electromagnetic pulse (EMP) attack that could wipe out the data—and thus the keys to the bitcoin—stored in the room. For digital assets like bitcoin, thick walls and a secret location are not enough. A shield against invisible modes of attack like an EMP bomb must be provided for.

No one, not even the operator, enters the cold room. Its door is sealed with tape—like a crime scene—to ensure it’s not tampered with. The cold room contains hardware, which is never connected to the internet, used to sign bitcoin transactions. Signing a transaction can be performed offline. The operator accesses that hardware using “special cabling,” sending encrypted data to the hardware for signing. Finally, before a transaction can be approved, two more sign-offs, in two other vaults located on separate continents, must be performed.

I ask Rienzi if he feels pretty confident about the security measures he has in place in Switzerland. “We are under attack 24/7,” he tells me, referring to the terrorists and hackers he designed the vault to guard against. “This is not a race. It is a chess game. You have to think about the opponent’s next movement. You can never relax.”

The single-track road leading to the vault
Image: Quartz
 The entrance to the Deltalis data center.
Image: Quartz
The entrance to the bunker
Image: Quartz
 The lobby of the Deltalis data center, with a man-trap on the right.
Image: Quartz
 Entering the data center proper
Image: Quartz
A passageway through the granite mountain.
Image: Quartz
 An empty private suite before it’s occupied.
Image: Quartz
 Michel Streiff of Deltalis with one of the Cold War-era military maps
Image: Quartz
The entrance to the bunker
Image: Quartz
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

The Digital Economy

Share:
The Big Picture
Explore and monitor how The Digital Economy is affecting economies, industries and global issues
World Economic Forum logo

Forum Stories newsletter

Bringing you weekly curated insights and analysis on the global issues that matter.

Subscribe today

How digital platforms and AI are empowering individual investors

Rishi Kapoor

December 20, 2024

How investing in connectivity and digital infrastructure can be a catalyst for inclusion and empowering people

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum