---
title: The Bitcoin Piñata
abstract: ![Piñata](/static/img/pinata.png)
---

![Piñata](/static/img/pinata.png)

The [Bitcoin Piñata](http://ownme.ipredator.se) is a unikernel which serves as
bug bounty system to test TLS and the underlying implementations.  Its
communication endpoints are a website describing the setup, and both a TLS
client and a TLS server listening on a port.  The total size, including TLS,
X.509, TCP/IP, of the virtual machine image is 4MB, which is less than 4% of a
comparable system using a Linux kernel and OpenSSL.

When a TLS handshake with the Piñata is successful including mutual
authentication, the Piñata transmits the private key to a Bitcoin wallet which
initially contained 10BTC.  The project started on February 10th 2015.  Our
lender transferred on March 18th 2018 the 10BTC and repurposed them for other
projects.

On startup, the Piñata generates its certificate authority on the fly, including
certificates and private keys.  This means that only the Piñata itself contains
private keys which can authenticate successfully, and an attacker has to find
an exploitable flaw in any software layer (OCaml runtime, virtual network
device, TCP/IP stack, TLS library, X.509 validation, or elsewhere) to complete the challenge.

The Piñata is online since February 10th 2015, and even though hundreds of
thousands of connections and initiated TLS handshakes, no Bitcoins were taken.

By using a Bitcoin wallet, the Piñata is a transparent bug bounty.  Everybody
can observe (by looking into the blockchain) whether it has been compromised and
the money has been transferred to another wallet.  It is also self-serving: when
an attacker discovers a flaw, they don't need to fill out any forms to retrieve
the bounty, instead they can take the wallet, without any questions asked.