Topic: Decentralised crime fighting using private set intersection protocols - page 7. (Read 33479 times)

This concept has been discussed at length before and vigorously rejected:

https://bitcointalksearch.org/topic/a-warning-against-using-taint-85433

Following these principles merely serves to destroy the important property of Fungibility which all currencies should have. Any attempts to move in this direction should continue to be rejected for this reason alone.

What about someone else who Bob paid money to? Their coins are also tainted. They're in a fashionable chain of restaurants and when they try to pay the bill, their transaction is flagged too! The restaurant owner also calls the police and describes the guy at the table, the response is "ah nope, that's not him", the bill is paid and the guy goes on his way - moderately inconvenienced for a few minutes, but not hopelessly so. What's more, because the restaurant chain is big, well known, and has policies for what blacklists they check and what they do, they are a nexus. When the chain pays its waiters at the end of the day it puts the salary outputs onto its own whitelist and then when the waiter spends his money, nothing is flagged.

Is that all that would happen? Wow. People calling the cops on me cause someone gave me tainted coins and I used them.

I do not like this idea

This is a trend toward mediocrity, diluting what's good about the system. It's as bad as gold derivatives.

So long as none of this enters the protocol itself, it may be very difficult to gain widespread usage of such blacklists - or hard to act upon. May it remain disused and ignored for as long as possible.

No Mike, it's nesting an undefined number of majority consensus systems within Bitcoin, and these will be based on the moral judgements of potentially pernicious actors. The whole point of Bitcoin is to de-politicise money, and you're attempting to argue for an overlay that explicitly politicises transaction acceptance. Continue with this, and you will end up arguing in favour of a different protocol to the one that users want. Majority consensus does not make for a good solution to every problem, hence voting rights being rescinded from the mentally deranged.   

Well, I can admit I hyperbolized, hence the use of the '::)' smiley at the end. What I wrote is what can happen - first we start with your proposal, 5 years later we end up with developers being paid by govt. agencies to introduce some change or two in the protocol that may aid in tracing 'laundered' coins, of course the change could at first and second sight appear to most insignificat enough as to make it easy to convince most of the network to adapt for their own safety; how many people are there out there that are very well-versed with the Bitcoin protocol, cryptography and networks among the Bitcoin users as to not be fooled by this? I am sure less than 50%  . The point I am trying to make is that what you are proposing is not something that should be of Bitcoin developers' concern and that you should remain neutral. Let the state figure it out for themselves because your solution, despite good intentions, may be a step back from what Bitcoin was destined to become.

retep, please don't put words in my mouth. I have never said I think there will be a few hundred or a dozen validating nodes, where did you get that from? Nobody knows how many there will end up being, but on a global scale I'd expect hundreds of thousands if not more.

Regardless, the entire point of this proposal is it is not state control. It's a system based on majority consensus, just like Bitcoin. malevolent clearly hasn't read what I wrote because there's no fork of Bitcoin needed. Checking blacklists is an optional extra layer on top.

I typed out maybe 8 different, very long, detailed responses to this, but in the end all I can really say is meh... not a fan.

I can't see it being terribly useful beyond the transaction immediately following the "taint".

Mike has been advocating for removing the blocksize limit, which even he thinks can lead to there being only a few hundred, and as little as a dozen, validating nodes handling Bitcoin. Implement blacklists on that tiny number of validating nodes and you now have Bitcoin under central control, and opposing that control will be extremely expensive to downright impossible.

Not to mention how with small blocksizes the lack of privacy inherent in Bitcoin - every transaction goes on the public blockchain after all - puts you on an equal footing with big businesses and governments in monitoring and auditing the actions of other Bitcoin users. On the other hand, with large blocks you can't afford the computer equipment required to run a validating node, and thus while you have no ability to to monitor the network and follow the movement of funds but they do.

EDIT: s/will lead/can lead/


Well removing the blocksize limit is a fork, and more to that, it's not a technical "bug-fix" fork like is happening on May 15th - it will radically change what Bitcoin is.

re: Jeff Garzik, I can't speak for him, but personally I would be happy making a similar statement myself. But there is a big difference between working with authorities and educating them about how Bitcoin works and what the vulnerabilities are and introducing brand new vulnerabilities into the system itself.

This is sad. ''He who sacrifices freedom for security deserves neither''

I wouldn't be surprised if Bitcoin was to be forked, with some people continuing to use normal Bitcoin and some following Mike's steps in using its castrated counterpart, preferably with in-built tools aiding the State in controlling its minions' monies.  

"A pack of wolves and a flock of sheep voting on what's for dinner" is the phrase that immediately springs to mind. You forget how easily these systems are exploited, and assume that ordinary human beings are clinically rational automatons.

Yes. The assumption is that if Bob is really a human rights activist, then he either won't get blacklisted (because that kind of nonsense would result in people quickly abandoning the list), or he'll be able to persuade whoever he trades with not to report him. That lack of central control is key.

I don't know if it's really worth trying to implement such a scheme but whether we like it or not, Bitcoin is born into a world run by people who strongly believe in "follow the money" as a crime fighting technique. And if the people with an agenda are able to scare the other people into thinking Bitcoin means unstoppable crime waves then it's going to end up banned, simple as that. And then you won't be able to use it either.

That's why it's important to have credible proposals that meet-in-the-middle with acceptable compromises for everyone.

First Jeff Garzik says to the WSJ: "We want to work with authorities".
Now Mike Hearn with this post.

Can I say these 2 dudes are now officially creeping me out without you guys calling me paranoid? 

Mike, this is not black and white. And I do not think any side of the argument has a clearly winning argument. Yes your scenario is understandable and "Bob the Murderer" is a bad guy and cops shall go after him and apprehend him etc... Nobody wants to save his behind. But now replace "Bob the murderer" by "Bob the Human Rights activist" who pissed off "Mallory the Drone herder" and in similar scenario Bob is being taken out together with the gas station and its owner by a drone.

I personally would prefer if some aspects of society such as money remained neutral and cops instead of spying on everyone would just do their job without unlimited Orwellian powers.

But again this is political and philosophical issue. Technically your proposal is sound and even in spirit of Bitcoin decentralization. If such solution is available it is up to the society to figure out how to use it and how to not.

 

There are a few misconceptions in the comments, maybe not everyone fully understood what I was getting at.

• Who is appointed to run the blacklists? Nobody in particular. That's the point. It is or can be a form of community self policing. Silk Road could run a blacklist. The police could run a blacklist. In the eyes of the system they'd be equals. Who pays for them? Depends on the kind of issue we're talking about, right? Any time you have a community that wants some kind of self-policing, there could be such a thing. I doubt it'd be expensive to run. If you want some kind of ultra-libertarian completely privatised police force you could use assurance contracts to pay for them.
• How do we enforce them? We don't. It's up to the users to decide what to do when a transaction is flagged. Rejection is not necessary, you can as well just accept the coins and then inform someone else who can follow up/investigate. If you think the whole system is bullshit, then just don't check any lists or ignore any flaggings if you do. Problem solved.
• What if everyone ends up with tainted coins? Taint can be removed because when it passes through the hands of a nexus that is known to take some kind of useful action on a blacklist hit, they can add their own outputs to the whitelist and the graph traversal stops there. Eg, if somebody steals coins and sends them to Mt. Gox, then Mt. Gox can go ahead and file a police report and then add their own outputs to their nexus whitelist. Wallets stop searching at that point because you trust Mt. Gox to "clear the taint". So it isn't possible for taint to last forever (you'd eventually have to stop searching due to resource usage anyway, even if you don't hit a nexus).
• How can this be used against the innocent? If a blacklist routinely ends up including outputs that are not associated with any kind of real criminal activity (as judged by the person/entity checking it), then it'd make sense to just stop using it. Remember, this is a community based solution. Nobody has the power to centrally stop or block transactions. If your salary ends up on a blacklist intended for identifying money used in the child porn trade, and you're innocent, then you should be able to make a loud noise through the press, etc, and people would realize that this list is being abused. So they'd stop checking it.

Vladimir says, people would just use coin mixing and the system wouldn't work. Yes, indeed, tx graph obfuscation breaks such an approach. At least if they don't take each other into account. It'd be up to the user community to trade those things off. For instance, you could engage in a mix but only accept old coins that don't appear in any of your blacklists.

But there's something to consider - we all benefit from a stable society that isn't overrun by murderers and thieves. If you're deliberately impeding legitimate investigations into real crimes, whether it be by the police or otherwise, you're really just undermining the source of your own wealth. I think most people would understand that.

Here's an example. Let's say there's a blacklist called the emergency response list. It's used only in the most serious and time critical cases. The operator is the police and they ask subscribers to inform them immediately on encountering a hit. Bob the executive comes home from work early one day and discovers his girlfriend in bed with another guy. Enraged, he grabs a hammer and smashes both their skulls in. Realising what he's done he goes on the run. The girlfriends mother comes round an hour later and discovers the crime scene. She phones 911 and says that her daughter is dead along with another man, and Bob has disappeared.

The police ask the mother who Bob's employer is, and they then phone up the employer and ask them for the output set used to pay Bob's last salary. Those outputs are added to the emergency response list. Bob goes into a gas station and tries to refill his getaway car, when he pays the shopkeepers terminal flags the transaction. Bob still gets his gas but once he's out the door, the shopkeeper phones up the police and reports the guys location.

What about someone else who Bob paid money to? Their coins are also tainted. They're in a fashionable chain of restaurants and when they try to pay the bill, their transaction is flagged too! The restaurant owner also calls the police and describes the guy at the table, the response is "ah nope, that's not him", the bill is paid and the guy goes on his way - moderately inconvenienced for a few minutes, but not hopelessly so. What's more, because the restaurant chain is big, well known, and has policies for what blacklists they check and what they do, they are a nexus. When the chain pays its waiters at the end of the day it puts the salary outputs onto its own whitelist and then when the waiter spends his money, nothing is flagged.

How do you separate good and bad and what levels of tainted coins is acceptable? Why wouldn't someone just go collect some very tainted coins, and then dust a many good addresses.

Problem really is that once you have transaction the coins are yours. And if client's flag it the receiving address is also bad. Tough luck if you didn't use fresh one... I just see too many problems and issues...

Tracking the stuff is all fine, but not-accepting them is hard and destructive...

Thank you Mike! You addressed a very valid obstacle to adaption and present danger to our investment. We have to show the way otherwise we will be shown and possibly wont like it.

Since block chain traversing algorithms are not feasible on an SPV or a server trusting client, this flagging might be service(s) that customer could consult. Mining pools might also differentiate themselves by mining "clean" blocks according to their definition of purity.

Who do we appoint to operate said blacklists?  And how do we enforce them?  If nobody cared about setting their clients up to reject flagged coins, it wouldn't matter.  It would have to be enforced by law for it to catch on, as the vast minority which chooses a couple of flags will find it very troubling when Jack wants to send Sally some coins but Sally can't accept his money when it's tainted by a flag passed down by 20 people who don't care for flagged coins.  So Sally would either have to turn her flags off temporarily to trade with her good friend Jack, or tell Jack off.

Now lets say blacklist operators are privately owned (which they cannot be, for nobody will pay for this service, so they will have to be subsidized)  Privately owned blacklist operator owner Sandy agrees that if you slip her a small fee, she'll scrub your coins off (by deleting their flags)  Now you have clean coins, ready to make a drug purchase all over again.  Uh oh!  Time to invoke a law: coin scrubbing is now illegal.  The blacklist operators continue to decline as their non-businesses conduct non-business, and the general public continues to pay for them to perform a service of figuring out which coins need flags and why.  By the time any court can figure out what theft has officially happened (or any crime involving the coin, really) the coins could be passed down several, several times, either to mules, or actual people.  So the guy holding the tainted coin attempts to pass it down, but the next guy has all his flags checked, not because he gives two bits about crime, but because he doesn't want someone else's tainted coin that is now completely worthless.  Ensue a downward spiral of money being rendered useless and people finding it harder and harder to conduct business as they realize they're holding onto hot money.

Now let's assume half of a society has their flags on, and are not accepting tainted coin.  This creates a subculture, the same one we've always had, which is perfectly a-okay in trading their tainted coin for criminal goods.  We can now call these coins blackcoins: the coins which are blacklisted.  It's like black market credit, at that point.  Unless people are forced to refuse flagged coins, they won't, or won't always.  You still have a system for people to commit criminal acts, and as long as a large portion of the population is okay with using the blacklisted coins as tender, they will continue to be used.  At least until Sandy lowers her prices.

A system such as this will go against everything Bitcoin is designed for: privacy, and freedom.  Privacy and freedom mean, however you feel about crime, that it is private, and free.  It cannot be used as a tool to fight crime and remain completely functional.  Assigning a system such as this to Bitcoin would be the same effect as banning guns; the coin isn't committing any crimes, and should not be held suspect.  If Sally wants to buy headphones from Jack, she shouldn't have to worry if her money was suspected of being used to hire a hitman several years prior.  Doll over a few years, and all 21 million eventually become tainted--do they reset the flags?  And if they do, why bother with the system?  It's an inconvenience, and will hinder trade in the hopes of moral correctness.

Look...I am neither young nor dumb enough to not realize that there WILL be regulations...and I am for the rule of Law. Criminals just plain suck. At least career criminals do in my mind. Everyone makes mistakes tho. What happens to those people? Added to a blacklist...for...say a DUI. Now that persons coin is not worth as much because they are a credit risk? That being said I dont think whitelists and blacklists will sell very well to the masses anyway. Who is to say what is put on such lists and by whom? Some as yet to be named central authority? Yes...these concepts do need to be discussed. I fear something like this would lead to stratification and classification of individuals.

I am still trying to wrap my head around the whole bitcoin concept to be completely honest...I have this feeling that it will be the catalyst for a brighter future for mankind and I am humbled and honored to be a witness.
Let's not fuck it up.

zif

Another way it can be countered is by off-chain transactions, for instance with chaum banking that provides absolutely secure privacy with math, or by trusted hardware coins.

Of course, one of the first blacklists will be for anyone providing or using genuinely private off-chain transactions...