Are bitcoins indestructible? - page 5.

12648430

full member

Activity: 144

Merit: 100

Quote from: DeathAndTaxes on December 05, 2013, 10:39:42 PM

Quote from: 12648430 on December 05, 2013, 09:52:54 PM

If that did happen, miners would likely stop relaying transactions from the old address type before it became economical to harvest them en masse.

Why? Also 100.000000000000000000000000000000000000000000% of miners? Even if the tx includes a giant tx fee? I doubt it

Of course not voluntarily. In the scenario where ECDSA has been broken and its use has long since been phased out, there would doubtless eventually be a discussion among the community about whether to make a hard-forking change that after block X such accounts cannot be spent from. This would of course be a massive heated debate that we don't need to have here and now, but it's my opinion that imposing a rule preventing such spends would be for the good of the community, and I'd go out on a limb and speculate that that would end up being the consensus - although if mining hardware at such a time were capable of the cracking operation, miners' personal interests may prevail and a lot of hashing power would end up moving from safeguarding the network to cracking keys.

Dabs

legendary

Activity: 3416

Merit: 1912

The Concierge of Crypto

Quote from: bryant.coleman on December 05, 2013, 10:19:26 PM

Quote from: Kevlar on December 04, 2013, 08:35:04 PM

It's impossible to send them to an invalid address, BUT it's entirely possible to send them to an address for which no one has the key.

Take for example: 1BitcoinEaterAddressDontSendf59kuE

Are you sure that this wallet does not have a private key?

Because it was created as a donation wallet by someone named holgero, and I can see a 0.559 BTC donation coming to it two months ago.

No one has a computer or vanity generator powerful enough to create a bitcoin address with corresponding private key with such a long prefix in a timely manner. Someone just made an address and attached a proper checksum to make it valid.

justusranvier

legendary

Activity: 1400

Merit: 1013

Miners would be the ones breaking old insecure keys.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: 12648430 on December 05, 2013, 09:52:54 PM

Quote from: DeathAndTaxes on December 05, 2013, 09:47:29 PM

Quote from: spect0r on December 05, 2013, 09:43:02 PM

Well, coins sent to an address for which nobody has the priv key is as close to actual destruction as it gets. That's because the day it becomes possible to recover these coins is the day the crypto that holds all the bitcoins becomes broken.

Unless decades prior Bitcoin was expanded to include new stronger address types. Say tomorrow there is a theoretical flaw in ECDSA which would allow an attacker with billions of dollars to break a ECDSA keypair. It still wouldn't be a direct threat to Bitcoin but attacks always get cheaper and better over time so a new address type is created which provides more security and over the following decade people move funds into the newer address types. It is possible someday when it becomes economical to attack those "old" address types the only funds left will be ones involving lost keys.

If that did happen, miners would likely stop relaying transactions from the old address type before it became economical to harvest them en masse.

Why? Also 100.000000000000000000000000000000000000000000% of miners? Even if the tx includes a giant tx fee? I doubt it

bryant.coleman

legendary

Activity: 3766

Merit: 1217

Quote from: Kevlar on December 04, 2013, 08:35:04 PM

It's impossible to send them to an invalid address, BUT it's entirely possible to send them to an address for which no one has the key.

Take for example: 1BitcoinEaterAddressDontSendf59kuE

Are you sure that this wallet does not have a private key?

Because it was created as a donation wallet by someone named holgero, and I can see a 0.559 BTC donation coming to it two months ago.

12648430

full member

Activity: 144

Merit: 100

Quote from: DeathAndTaxes on December 05, 2013, 09:47:29 PM

Quote from: spect0r on December 05, 2013, 09:43:02 PM

Well, coins sent to an address for which nobody has the priv key is as close to actual destruction as it gets. That's because the day it becomes possible to recover these coins is the day the crypto that holds all the bitcoins becomes broken.

Unless decades prior Bitcoin was expanded to include new stronger address types. Say tomorrow there is a theoretical flaw in ECDSA which would allow an attacker with billions of dollars to break a ECDSA keypair. It still wouldn't be a direct threat to Bitcoin but attacks always get cheaper and better over time so a new address type is created which provides more security and over the following decade people move funds into the newer address types. It is possible someday when it becomes economical to attack those "old" address types the only funds left will be ones involving lost keys.

If that did happen, miners would likely stop relaying transactions from the old address type before it became economical to harvest them en masse.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: spect0r on December 05, 2013, 09:43:02 PM

Well, coins sent to an address for which nobody has the priv key is as close to actual destruction as it gets. That's because the day it becomes possible to recover these coins is the day the crypto that holds all the bitcoins becomes broken.

Unless decades prior Bitcoin was expanded to include new stronger address types. Say tomorrow there is a theoretical flaw in ECDSA which would allow an attacker with billions of dollars to break a ECDSA keypair. It still wouldn't be a direct threat to Bitcoin but attacks always get cheaper and better over time so a new address type is created which provides more security and over the following decade people move funds into the newer address types. It is possible someday when it becomes economical to attack those "old" address types the only funds left will be ones involving lost keys.

spect0r

newbie

Activity: 20

Merit: 0

Well, coins sent to an address for which nobody has the priv key are practically destroyed. That's because the day it becomes possible to recover these coins is the day the crypto that holds all the bitcoins becomes broken and all the coins everywhere become as good as destroyed.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

An address is a hash of the public key (w/ checksum) not the public key itself.

It is entirely possible that there is no public key which produces the address above.

TheDjinni

newbie

Activity: 16

Merit: 0

Quote from: jongameson on December 05, 2013, 01:34:19 PM

Quote from: Kevlar on December 04, 2013, 08:35:04 PM

It's impossible to send them to an invalid address, BUT it's entirely possible to send them to an address for which no one has the key.

Take for example: 1BitcoinEaterAddressDontSendf59kuE

Check it out on blockchain. If you can brute force the private key, the coins are yours. Is it impossible? Theoretically, no, but practically...

Let's say you had a super computer that was guessing 999 trillion keys per second. It would take you 3.5 billion years to exhaust just 10% of the keyspace, which means in 3.5 billion years you would have a 10% chance of having guessed the key. Good luck with those odds!

how do you know there's even a private address associated with that wallet? where did they calculate that address from?

"Nearly every 256-bit number is a valid private key. Specifically, any 256-bit number between 0x1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141 is a valid private key." -bitcoin wiki

If you know hexadecimal, then you can convert the above to hexadecimal and verify if it is a valid key with some (theoretical) private key associated with it.

justusranvier

legendary

Activity: 1400

Merit: 1013

Every transaction destroys old outputs and creates new ones to replace them.

The act of spending bitcoins destroys them.

t1000

full member

Activity: 182

Merit: 100

Quote from: Kevlar on December 04, 2013, 08:35:04 PM

It's impossible to send them to an invalid address, BUT it's entirely possible to send them to an address for which no one has the key.

Take for example: 1BitcoinEaterAddressDontSendf59kuE

Check it out on blockchain. If you can brute force the private key, the coins are yours. Is it impossible? Theoretically, no, but practically...

Let's say you had a super computer that was guessing 999 trillion keys per second. It would take you 3.5 billion years to exhaust just 10% of the keyspace, which means in 3.5 billion years you would have a 10% chance of having guessed the key. Good luck with those odds!

Watch that address. If you see someone spending its outputs, it is probably time to get out of bitcoin.

pening

sr. member

Activity: 245

Merit: 250

Why except the possibility of being lost? Yes they are very destructible, maybe not rotting exactly, but they are only as safe and secure as the integrity of the holders IT. Fire, flood, HD crash, data corruption, theft or loss of hardware, forgetfulness (of presence of private key or passwords) can all effectively destroy Bitcoins.

jongameson

member

Activity: 84

Merit: 10

Quote from: Kevlar on December 04, 2013, 08:35:04 PM

It's impossible to send them to an invalid address, BUT it's entirely possible to send them to an address for which no one has the key.

Take for example: 1BitcoinEaterAddressDontSendf59kuE

Check it out on blockchain. If you can brute force the private key, the coins are yours. Is it impossible? Theoretically, no, but practically...

Let's say you had a super computer that was guessing 999 trillion keys per second. It would take you 3.5 billion years to exhaust just 10% of the keyspace, which means in 3.5 billion years you would have a 10% chance of having guessed the key. Good luck with those odds!

how do you know there's even a private address associated with that wallet? where did they calculate that address from?

pand70

sr. member

Activity: 476

Merit: 250

Quote from: DavidZ on December 04, 2013, 08:25:52 PM

Are bitcoins indestructible?

Yes they can be lost but are they indestructible?

I think that they are very different to tulip bulbs which can be farmed and can rot away.

So I don't think it is a fair analogy to bitcoins to tulip bulbs as this Dutch banker attempts to:

http://www.theguardian.com/technology/2013/dec/04/bitcoin-bubble-tulip-dutch-banker

One would have to question Nout Wellink's motivation here. Does he really believe bitcoin is unsound money or perhaps does he perceive is that his social status is under threat. Is he slandering bitcoin in a vain attempt to preserve his privileged position in society?

When bitcoins are lost you can consider them destroyed because there is absolutely no way to restore them.
But you don't need that to prove that bitcoins aren't tulips Roll Eyes

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

They are destroyed in the mining if the coinbase reward is less than the current block subsidy + fees.

Invalid Block:
coinbase reward > block subsidy + tx fees

Valid block & no coins destroyed:
coinbase reward = block subsidy + tx fees

Valid block & coins destroyed:
coinbase reward < block subsidy + tx fees

DavidZ

newbie

Activity: 56

Merit: 0

Quote from: DeathAndTaxes on December 04, 2013, 08:40:35 PM

They can be destroyed by mining.

The protocol limits the miners reward to be less than or equal to the amount of the subsidy plus fees. I am not sure if it was intentional (can't think of a reason) or simply an oversight but this means the reward to miner can be less than the subsidy and fees.

So miner creates a block with tx totaling x BTC in fees and y BTC in subsidy and gives himself 0 BTC coinbase reward. x + y BTC have been permanently destroyed.

Likely due to a poorly designed miner in the blockchain there are a few blocks where the coinbase is less than subsidy + fees and thus coins have already been destroyed.

This sounds like an edge case; so once they have been mined can they be destroyed?

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

They can be destroyed by mining.

The protocol limits the miners reward to be less than or equal to the amount of the subsidy plus fees. I am not sure if it was intentional (can't think of a reason) or simply an oversight but this means the reward to miner can be less than the subsidy and fees.

So miner creates a block with tx totaling x BTC in fees and y BTC in subsidy and gives himself 0 BTC coinbase reward. x + y BTC have been permanently destroyed.

Likely due to a poorly designed miner in the blockchain there are a few blocks where the coinbase is less than subsidy + fees and thus coins have already been destroyed.

Kevlar

sr. member

Activity: 602

Merit: 254

🔰FERRUM NETWORK🔰

It's impossible to send them to an invalid address, BUT it's entirely possible to send them to an address for which no one has the key.

Take for example: 1BitcoinEaterAddressDontSendf59kuE

Check it out on blockchain. If you can brute force the private key, the coins are yours. Is it impossible? Theoretically, no, but practically...

Let's say you had a super computer that was guessing 999 trillion keys per second. It would take you 3.5 billion years to exhaust just 10% of the keyspace, which means in 3.5 billion years you would have a 10% chance of having guessed the key. Good luck with those odds!

wopwop

sr. member

Activity: 252

Merit: 250

yes

Topic: Are bitcoins indestructible? - page 5. (Read 7648 times)