Author

Topic: Could bitcion theft be decreased with spending notifications. (Read 668 times)

hero member
Activity: 588
Merit: 500
That would delay the process of sending your bitcoins themselves because if you set some security code/process it can be compromised together with your keys. Also adding some regulatory or delaying feature might affect bitcoins as a whole. I guess Paper wallets are a good option for extra security.
full member
Activity: 147
Merit: 100
AFAICT, the better solution would simply be to use "semi-live" cold wallets, which is already implemented in some clients (or at least Armory), or use n-of-m keys.

This, learning to use cold wallets (paper wallets, Armory offline) and hot wallet with small ballance is best way to fight stealing of your Bitcoins
donator
Activity: 1218
Merit: 1015
The only way I could see this being effectively implemented without forcing nodes to delay ALL transactions is to create an encrypted (with a sophisticated, proprietary algorithm) privkey with a delay flag which is only readable by closed-source clients which forces the delay no matter what. Within the Bitcoin network itself, there must be a chargeback feature added which allows you to recall delayed transactions, or else the closed-source Bitcoin client must be online, with the transaction broadcast to a central server which "holds" transactions until the delay has expired, then broadcasts to the Bitcoin network. Some online wallets may've already implemented this (some exchanges have, at least).

Anything else would seem to be ineffective. You're basically looking for an "undo" button, as I see it, but you can't enforce this at the client level by itself because once you've had your password and wallet file stolen, they have access to the raw privkey and wouldn't be restricted by what you've set the client to do. (though it could prevent "clipboard attacks" which switch out an address you've pasted into a client with an attacker's address, though if you didn't notice when it happened, you probably wouldn't notice during the delay)

AFAICT, the better solution would simply be to use "semi-live" cold wallets, which is already implemented in some clients (or at least Armory), or use n-of-m keys.
global moderator
Activity: 4018
Merit: 2728
Join the world-leading crypto sportsbook NOW!
So if you have bitcoins on your computer, anyone can potentially steal them, or for all we know someone can steal them from a paper that they took from you, however this could potentially mean that you BOTH are now in control of the bitcoins.

Could services be set up that alert you if your bitcoins are attempting to be sent ? Basically they could delay the process of sending so it takes a few hours or so, and if you log into your account with the private key, you can cancel it. Of course both parties would now be able to cancel the transaction for the other one, but maybe you can somehow make it so a higher level authentication is required to decide who is the real owner ? Or alternatively the bitcoins could now be worthless as it can't be sent by either party, essentially destroying any incentive for someone to steal bitcoins, because despite the computing power they put into it, theres no spoils, making the entire prospect of stealing bitcoins ineffectual, and bitcoins stored online safer.

Well you can set up two factor authentication and you'll get alerts that way. On the blockchain.info I get a text message everytime I even load up my page.

Though from what I understand they can still be stolen ? If a protocol were put into place that slowed spending so a transaction had to take several hours, it would make it virtually impossible to take bitcoins because the person would be notified that they were being spent.

They can still be stolen even with notifications.
newbie
Activity: 7
Merit: 0
Effort is being expended on speeding up transactions not slowing them down. 

Since there is no record of transactions entering the memory pools your scheme would have to allow reversal within the blockchain (presumably within n blocks).

There would be no way for miners to distinguish between owner and thief so the best outcome would probably to sacrifice the entire amount to fees.
newbie
Activity: 40
Merit: 0
So if you have bitcoins on your computer, anyone can potentially steal them, or for all we know someone can steal them from a paper that they took from you, however this could potentially mean that you BOTH are now in control of the bitcoins.

Could services be set up that alert you if your bitcoins are attempting to be sent ? Basically they could delay the process of sending so it takes a few hours or so, and if you log into your account with the private key, you can cancel it. Of course both parties would now be able to cancel the transaction for the other one, but maybe you can somehow make it so a higher level authentication is required to decide who is the real owner ? Or alternatively the bitcoins could now be worthless as it can't be sent by either party, essentially destroying any incentive for someone to steal bitcoins, because despite the computing power they put into it, theres no spoils, making the entire prospect of stealing bitcoins ineffectual, and bitcoins stored online safer.

Well you can set up two factor authentication and you'll get alerts that way. On the blockchain.info I get a text message everytime I even load up my page.

Though from what I understand they can still be stolen ? If a protocol were put into place that slowed spending so a transaction had to take several hours, it would make it virtually impossible to take bitcoins because the person would be notified that they were being spent.
global moderator
Activity: 4018
Merit: 2728
Join the world-leading crypto sportsbook NOW!
So if you have bitcoins on your computer, anyone can potentially steal them, or for all we know someone can steal them from a paper that they took from you, however this could potentially mean that you BOTH are now in control of the bitcoins.

Could services be set up that alert you if your bitcoins are attempting to be sent ? Basically they could delay the process of sending so it takes a few hours or so, and if you log into your account with the private key, you can cancel it. Of course both parties would now be able to cancel the transaction for the other one, but maybe you can somehow make it so a higher level authentication is required to decide who is the real owner ? Or alternatively the bitcoins could now be worthless as it can't be sent by either party, essentially destroying any incentive for someone to steal bitcoins, because despite the computing power they put into it, theres no spoils, making the entire prospect of stealing bitcoins ineffectual, and bitcoins stored online safer.

Well you can set up two factor authentication and you'll get alerts that way. On the blockchain.info I get a text message everytime I even load up my page.
full member
Activity: 165
Merit: 102
So if you have bitcoins on your computer, anyone can potentially steal them, or for all we know someone can steal them from a paper that they took from you, however this could potentially mean that you BOTH are now in control of the bitcoins.

Could services be set up that alert you if your bitcoins are attempting to be sent ? Basically they could delay the process of sending so it takes a few hours or so, and if you log into your account with the private key, you can cancel it. Of course both parties would now be able to cancel the transaction for the other one, but maybe you can somehow make it so a higher level authentication is required to decide who is the real owner ? Or alternatively the bitcoins could now be worthless as it can't be sent by either party, essentially destroying any incentive for someone to steal bitcoins, because despite the computing power they put into it, theres no spoils, making the entire prospect of stealing bitcoins ineffectual, and bitcoins stored online safer.

Your idea is good, but I think that does not stop theft neway. Because BTC transactions are irreversible and thieves wont care if their acts are known, cause address is anonymous.
newbie
Activity: 56
Merit: 0
You could have this protection if you keep your bitcoins online on a website that has security features like this. Your money doesnt have this feature its the bank that does it for you. I also think you would have to pay a fee for this service.
newbie
Activity: 12
Merit: 0
The problem isn't it being useless, it's that adding it on a protocol level would add complexity and would probably not be all that functional.
newbie
Activity: 40
Merit: 0
The only way someone can 'steal' your bitcoins is if they somehow gain access to your private key. You should encrypt your private key with another pass-code in order to increase your security.

Online wallets notify you if someone has managed to access your account too.

Mhm, I guess my point though, is that websites can alert you if someone has accessed your account, but they can't actually prevent the person from spending them, or necessarily even tell if it's you that's spending them or not. Something like this could be applied to the watch only accounts on bockchain.info, but I don't know, maybe this would be useless feature.
newbie
Activity: 12
Merit: 0
The only way someone can 'steal' your bitcoins is if they somehow gain access to your private key. You should encrypt your private key with another pass-code in order to increase your security.

Online wallets notify you if someone has managed to access your account too.
newbie
Activity: 40
Merit: 0
So if you have bitcoins on your computer, anyone can potentially steal them, or for all we know someone can steal them from a paper that they took from you, however this could potentially mean that you BOTH are now in control of the bitcoins.

Could services be set up that alert you if your bitcoins are attempting to be sent ? Basically they could delay the process of sending so it takes a few hours or so, and if you log into your account with the private key, you can cancel it. Of course both parties would now be able to cancel the transaction for the other one, but maybe you can somehow make it so a higher level authentication is required to decide who is the real owner ? Or alternatively the bitcoins could now be worthless as it can't be sent by either party, essentially destroying any incentive for someone to steal bitcoins, because despite the computing power they put into it, theres no spoils, making the entire prospect of stealing bitcoins ineffectual, and bitcoins stored online safer.
Jump to: