Google Chrome Team Member Sheds Light on KryptoKit Faux Pas

This morning, the feathers of many in the bitcoin community became ruffled upon hearing that KryptoKit had suddenly been removed from the Google Chrome Extension Store (it was brought back approximately thirty minutes later).

There was wide speculation as to what could have happened, and not even the developers could get a concrete answer.

Thankfully, a member of the Google Chrome team chimed in today over at the bitcoin section of Reddit.com, offering what turned out to be a very interesting explanation of what caused the faux pas.

“A malware developer hoping to steal bitcoin keys copied the kryptokit extension codebase in order to build their own malicious extension,” writes Tyler, a Chrome Product Manager.

“The pipelines that we use to detect malware flagged the real kryptokit extension as being nearly identical since the vast majority of the effective code and assets were the same, causing the extension to be blacklisted.”

Tyler adds that some folks in the Chrome team are themselves bitcoin fans, and noticed the problem upon seeing it posted on the bitcoin subreddit.

The team emphasizes that at no point was user data removed from user machines when the extension was pulled.

“Obviously this is a learning experience for us and we are continuing to perfect our protections in the webstore. But we wanted to emphasize that we are definitely not seeking to limit Bitcoin extensions in general or the kryptokit extension in particular – but rather trying our best to keep users safe from malicious exploits,” Tyler concludes.
