Mike Sires, a military veteran from Dublin, Ohio, has developed AuthLN, a proof-of-work authentication protocol that aims to reduce cybercrime by introducing a financial cost to unauthorized login attempts. Drawing on his experience with Bitcoin and inspiration from Jason Lowery’s “Softwar” thesis, Sires seeks to make cyberattacks unprofitable by leveraging the Bitcoin Lightning Network.
Sires was introduced to Bitcoin in 2023 after reading Lowery’s thesis, which presents Bitcoin as more than just a financial innovation but as a critical technology for national security and power projection in cyberspace. The thesis argues that Bitcoin’s proof-of-work mechanism allows for the projection of physical power into the digital realm, converting real-world energy into digital security. This concept resonated with Sires, who saw the potential for applying proof-of-work principles beyond digital assets.
Understanding that cybercriminals often face no cost when attempting to breach systems—a factor contributing to cybercrime’s profitability—Sires developed AuthLN to address this vulnerability. The protocol requires users to stake a denomination of Bitcoin to validate their identity before accessing a system. By introducing a financial deterrent, AuthLN aims to shift cybersecurity from a reactive to a proactive stance.
AuthLN operates using Lightning Hold Invoices. During the authentication process, a user reserves Bitcoin in a hold invoice. If the user successfully logs in, the invoice is canceled, and the Bitcoin remains with the user. If authentication fails, the user forfeits the staked Bitcoin, which is transferred to the resource owner. This mechanism imposes a cost on unauthorized access attempts, potentially deterring cybercriminals who rely on the attack contact.
Initially targeting enterprise organizations, AuthLN seeks to replace traditional multi-factor authentication methods and enhance cybersecurity measures. By integrating with existing systems, it aims to prevent brute-force attacks and compromised credentials, significant vectors for data breaches. Sires emphasizes that authorized users experience minimal changes to their login process, while unauthorized users face financial barriers.
During a recent Bitcoin meetup in Columbus, Ohio, Sires demonstrated the AuthLN prototype. Before logging in, users scan a QR code and stake Bitcoin via the Lightning Network. The system focuses on verifying user intent, adding a layer of security by leveraging proof-of-work. Sires highlighted that the protocol introduces a cost to potential attackers, making cybercrime less profitable and, therefore, less attractive.
In discussions with potential clients, Sires focuses on the problem of cost-free cyberattack attempts and presents AuthLN as a solution that introduces proof-of-work as a deterrent. He often describes the system without explicitly mentioning Bitcoin to avoid preconceived notions that some executives might have about crypto.
AuthLN represents a shift toward what Sires terms “cyber sovereignty,” where individuals and organizations define and protect their digital territories using proof-of-work mechanisms. By applying Bitcoin’s foundational principles to cybersecurity, AuthLN aims to pioneer a product category that enhances digital security through economic incentives.
Sires acknowledges the challenges of building a startup and integrating complex technologies but remains focused on the potential impact of making cybercrime unprofitable. He believes that by introducing a cost to cyberattacks, AuthLN can contribute to a more secure digital environment.
According to the presentation, Sires is in talks with various companies and organizations interested in implementing AuthLN. He views AuthLN as a way to serve a cause greater than himself, much like his military service. By leveraging the concepts from Lowery’s thesis, Sires hopes to lay the foundation for a digitally secure world, ultimately realizing Bitcoin’s potential as a global reserve monetary system.
Lowery shared Sires’ presentation, stating,
“It begins… Love to see US veterans building PoW-based cybersecurity solutions.”