
Topic: Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB - page 232. (Read 1061843 times)

full member
Activity: 196
Merit: 100
That doesn't mean I carry tens of thousands of dollars in cash in my wallet or store it under my pillow.

BTC shares some characteristics with cash but it differs as well. You can make backup copies of encrypted wallets (private keys) such that physical access to the wallets does release the BTC. Likewise you can split the keys so that access to both are required.

Well, yeah, I alluded to that, and also mentioned some of the problems with trying to implement such a system on your own.

I'm sure some day in the not too distant future someone will come out with a tried and tested, reliable system like this. But right now I don't know of one. And my comparison was only between storing BTC on one's computer and storing it at Coinbase. I still think the latter is usually a little bit safer. (In general. For some people it'll be a lot safer. For a special few it might be less safe.)

Using these properties to create a robust security scheme is a whole separate discussion, likely off topic for the Eligius thread, wouldn't you agree?

I have no idea. Should I delete these messages?
legendary
Activity: 2968
Merit: 1198
That doesn't mean I carry tens of thousands of dollars in cash in my wallet or store it under my pillow.

BTC shares some characteristics with cash but it differs as well. You can make backup copies of encrypted wallets (private keys) such that physical access to the wallets does release the BTC. Likewise you can split the keys so that access to both are required.

Using these properties to create a robust security scheme is a whole separate discussion, likely off topic for the Eligius thread, wouldn't you agree?

full member
Activity: 196
Merit: 100
What we need is a split key system where I can store half of the key in a fire safe and the other half in an online or traditional bank.

Keeping your entire key in a fire safe: You lose your key if the fire safe is stolen.

Keeping half of your key in a fire safe and half of it in a bank: You lose your key if the fire safe is stolen, OR if it is stolen from the bank.

This would actually be less safe.

EDIT: Well, it would be "safer" in that it would be harder for the BTC to be stolen from that address, but it would be "less secure" in that it increases the chances of YOU not being able to access those BTC.

You were the one making the issue about being a target. A split key is less of a target.

That said, good point. But one with a solution. Also keep a signed transaction with a lock_time in the future, and transfer the BTC before that lock_time arrives.

You could also do a two out of three split key or something like that.

Anyway, see, this is why I don't trust myself to single-handedly implement a security system. :)
full member
Activity: 196
Merit: 100
Well, I guess it comes down to a matter of trust.  Trust in yourself and your ability to protect your property, versus trust in a third party such as Coinbase, given that they are a much bigger and public target.

And have experts who are trained in security. And have much more money to spend on security systems.

It does in a sense come down to a matter of trust. I trust experts to implement a better security system than doing it myself.

I know that I have my laptop physically with me at almost all times, and it is backed up at least weekly on a hard drive stored in a location under my control.  My important keys (BTC mostly) are replicated up a 3rd time on a USB drive.  All encrypted, of course.  I know, know for a FACT, that if any of these are compromised, I will be aware of it within a short period of time, and be able to move the BTC to another address before the encryption can be cracked.  I also know for a FACT, that without one of these 3 being compromised, I will not ever have to worry about my keys being stolen.

And what if your house catches on fire while you're sleeping, or if you get into a car accident and go into a coma?

I mean, maybe you don't care about your heirs, or what happens to you if you become incapacitated, but I do.

With BTC stored with a third party, there are many unknowns, most of which cannot be verified by me.  How many employees have access?  How many times has the code been audited?  Can I read the code myself?  Do they make their addresses and balances public?  Without a VERY high level of transparency, I can never know for a FACT that the BTC stored with them are safe.  Therefore, I must trust them in order to store my BTC with them.  And I simply will not choose to do that, when there are simple security measures that I can undertake personally, and which will not restrict my use of my BTC in any way, or require me to undertake anything onerous.

There are always many unknowns. But your choice is your choice, and I'm not trying to tell you what to choose.
hero member
Activity: 700
Merit: 500
What we need is a split key system where I can store half of the key in a fire safe and the other half in an online or traditional bank.

Keeping your entire key in a fire safe: You lose your key if the fire safe is stolen.

Keeping half of your key in a fire safe and half of it in a bank: You lose your key if the fire safe is stolen, OR if it is stolen from the bank.

This would actually be less safe.

EDIT: Well, it would be "safer" in that it would be harder for the BTC to be stolen from that address, but it would be "less secure" in that it increases the chances of YOU not being able to access those BTC.
hero member
Activity: 700
Merit: 500
Yes, they're a big fat target. (*) But they spend many orders of magnitude more on security than I do.

Breaking into my house is trivial. Breaking into the bank where Coinbase stores their cold wallets is much tougher.

(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.

Breaking into your house is trivial, but breaking into a house where there are 20BTC stored in an unencrypted wallet is pretty much astronomical odds..... there'd be less variance for the burglar breaking into 20 houses and stealing diamond rings.  As long as you're not advertising your real name and location in conjunction with your BTC address, I see no reason why this is something that one would reasonably fear.

The odds that are important are the odds that someone is going to break into my house and steal my computer.

They're not high, but they're not astronomically low, either.

But while we're on this subject, if I'm going to store BTC at home, it's going to be in a fire safe, not on a computer, anyway. The risk that my house is going to burn down is also not high, but not astronomically low, either.

(The chance that a house where there are 20BTC stored in an unencrypted wallet will burn down.... Well that's irrelevant.)

(If you live in a high-crime area where break-ins commonly occur, and a computer is a likely candidate to be stolen just for its street value, you should make a copy of your encrypted private keys and put the copy somewhere safe, so if your computer is stolen then you will be able to recover them quickly and transfer the BTC to a new address.) Whereas you can bet that there are literally hundreds of hackers (some intelligent, some not so much) trying to crack Coinbase, et al. on a daily basis.

If you're going to do that, why bother keeping them on the computer in the first place?

That said, I'd say it's still more likely someone is going to break into my house and steal my fire safe (pretending for the moment that I have one), than that someone is going to rob the safety deposit boxes where Coinbase stores their wallets.

Well, I guess it comes down to a matter of trust.  Trust in yourself and your ability to protect your property, versus trust in a third party such as Coinbase, given that they are a much bigger and public target.  

I know that I have my laptop physically with me at almost all times, and it is backed up at least weekly on a hard drive stored in a location under my control.  My important keys (BTC mostly) are replicated up a 3rd time on a USB drive.  All encrypted, of course.  I know, know for a FACT, that if any of these are compromised, I will be aware of it within a short period of time, and be able to move the BTC to another address before the encryption can be cracked.  I also know for a FACT, that without one of these 3 being compromised, I will not ever have to worry about my keys being stolen.

With BTC stored with a third party, there are many unknowns, most of which cannot be verified by me.  How many employees have access?  How many times has the code been audited?  Can I read the code myself?  Do they make their addresses and balances public?  Without a VERY high level of transparency, I can never know for a FACT that the BTC stored with them are safe.  Therefore, I must trust them in order to store my BTC with them.  And I simply will not choose to do that, when there are simple security measures that I can undertake personally, and which will not restrict my use of my BTC in any way, or require me to undertake anything onerous.
full member
Activity: 196
Merit: 100
I don't understand what you're saying, then. What's the reason my PC is probably safer than an online bank? I'm not a security expert, or anything, whereas many of the people working for the online bank are.

I'm assuming we're talking about a reputable online bank, of course.

You're less of a target.

Yes, I'm less of a target than a bank.

That doesn't mean I carry tens of thousands of dollars in cash in my wallet or store it under my pillow.

Unless you advertise yourself... "hey, I do x, y, and z to protect my 100btc!"  and your Facebook page is in your sig.

There are a lot of people who know I'm a big fan of Bitcoin.

I don't broadcast how much I have or where I store it, but I'd say I'm significantly more of a target than the average Joe.

In any case, I'm not saying that either solution is perfect. What we need is a split key system where I can store half of the key in a fire safe and the other half in an online or traditional bank. But I don't know of any online service that offers this (and I doubt anyone reputable is yet doing it). And doing it using a brick-and-mortar safety deposit box is 1) a pain; and 2) risky in that I might screw something up and accidentally lose all my BTC.

Maybe just doing it using an online storage service. But then I still have the issues of 1) it's a pain; and 2) it's risky in that I might screw something up and accidentally lose all my BTC. Also, the online storage service probably won't have the same policies as an online bank. It needs to be something where I have a memorized password, but where my heirs can get access when I die or become disabled.
full member
Activity: 196
Merit: 100
Whereas you can bet that there are literally hundreds of hackers (some intelligent, some not so much) trying to crack Coinbase, et al. on a daily basis.

That's why they store more than 98% of their funds offline in cold wallets. Even if the entire contents of all the hot wallets at Coinbase got emptied, customers would probably lose nothing.
full member
Activity: 196
Merit: 100
Yes, they're a big fat target. (*) But they spend many orders of magnitude more on security than I do.

Breaking into my house is trivial. Breaking into the bank where Coinbase stores their cold wallets is much tougher.

(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.

Breaking into your house is trivial, but breaking into a house where there are 20BTC stored in an unencrypted wallet is pretty much astronomical odds..... there'd be less variance for the burglar breaking into 20 houses and stealing diamond rings.  As long as you're not advertising your real name and location in conjunction with your BTC address, I see no reason why this is something that one would reasonably fear.

The odds that are important are the odds that someone is going to break into my house and steal my computer.

They're not high, but they're not astronomically low, either.

But while we're on this subject, if I'm going to store BTC at home, it's going to be in a fire safe, not on a computer, anyway. The risk that my house is going to burn down is also not high, but not astronomically low, either.

(The chance that a house where there are 20BTC stored in an unencrypted wallet will burn down.... Well that's irrelevant.)

(If you live in a high-crime area where break-ins commonly occur, and a computer is a likely candidate to be stolen just for its street value, you should make a copy of your encrypted private keys and put the copy somewhere safe, so if your computer is stolen then you will be able to recover them quickly and transfer the BTC to a new address.) Whereas you can bet that there are literally hundreds of hackers (some intelligent, some not so much) trying to crack Coinbase, et al. on a daily basis.

If you're going to do that, why bother keeping them on the computer in the first place?

That said, I'd say it's still more likely someone is going to break into my house and steal my fire safe (pretending for the moment that I have one), than that someone is going to rob the safety deposit boxes where Coinbase stores their wallets.
hero member
Activity: 700
Merit: 500
Can someone explain how the payout queue works? I have set the minimum for payout to BTC0,015 and reached that so I will enter the payout queue. But there are people that are 'waiting' for more than a month now. How does this work? Do I really have to wait that long before payout?

No, the people who have been "waiting a month" have not actually been "waiting a month".  They were last paid a month ago.  There is a difference.  Maybe they have a low hashrate.  Maybe they set their payout minimum to be very high.

The payout queue prioritizes people based on how recently they have been paid.  If you were last paid 24h ago, then anybody who was last paid 24h:01m or more ago, will be ahead of you in the queue.

So it is a bit of a trade-off.  If you set your payout threshold high enough that you will only be paid once a week, you will generally find yourself at the front of the queue when you hit your threshold.  If you set your threshold low enough that you expect to get paid daily, then you could easily find yourself at the bottom of the queue.  From my observations of the queue, I believe that most Eligius miners have set their threshold to be around once a day, given their hashrate.  

Of course, a good number of miners have a low hashrate, and therefore it could take weeks or even months to hit the minimum payout threshold.  These people won't be paid frequently, but when they hit their threshold, they will probably be paid in the next block mined.
legendary
Activity: 2576
Merit: 1186
BTC0,015
FYI: BTC is always a period as a fractional separator, even in locales where comma is used for fiat.
This is important for Bitcoin to function properly as an international currency.
legendary
Activity: 1540
Merit: 1001
I don't understand what you're saying, then. What's the reason my PC is probably safer than an online bank? I'm not a security expert, or anything, whereas many of the people working for the online bank are.

I'm assuming we're talking about a reputable online bank, of course.

You're less of a target.  Unless you advertise yourself... "hey, I do x, y, and z to protect my 100btc!"  and your Facebook page is in your sig.

:)

M

sr. member
Activity: 602
Merit: 251
Can someone explain how the payout queue works? I have set the minimum for payout to BTC0,015 and reached that so I will enter the payout queue. But there are people that are 'waiting' for more than a month now. How does this work? Do I really have to wait that long before payout?
hero member
Activity: 700
Merit: 500
Storing 20 BTC on your laptop which you leave running on the Internet pretty much 24/7, probably isn't safer than storing it on Coinbase behind a memorized password (not saved on your PC) and 2-factor authentication.

I doubt this very seriously.  Of course, a few assumptions need to be made.  Firstly, how is your laptop connected to the Internet?  Is it behind a router?  How safe is its OS?  Do you keep it updated with the latest security measures?

Coinbase (or any other big exchange/wallet service) is a big fat target.  "Why did you rob banks?" "Because that's where the money was."  A random consumer PC connected to the Internet is pretty much invisible and anonymous.  Yes, it is vulnerable to attacks, but the chances of rewards are low.

Does Coinbase encrypt my wallet with a passphrase which only I know?  In other words, if I forget or lose my Coinbase passphrase, are my Coinbase holdings effectively lost forever?  If not, then Coinbase has independent access to my private keys.  Which means they can be stolen.  This is impossible if my private keys are encrypted and residing on my own PC.

Yes, they're a big fat target. (*) But they spend many orders of magnitude more on security than I do.

Breaking into my house is trivial. Breaking into the bank where Coinbase stores their cold wallets is much tougher.

(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.

Breaking into your house is trivial, but breaking into a house where there are 20BTC stored in an unencrypted wallet is pretty much astronomical odds..... there'd be less variance for the burglar breaking into 20 houses and stealing diamond rings.  As long as you're not advertising your real name and location in conjunction with your BTC address, I see no reason why this is something that one would reasonably fear.  (If you live in a high-crime area where break-ins commonly occur, and a computer is a likely candidate to be stolen just for its street value, you should make a copy of your encrypted private keys and put the copy somewhere safe, so if your computer is stolen then you will be able to recover them quickly and transfer the BTC to a new address.*) Whereas you can bet that there are literally hundreds of hackers (some intelligent, some not so much) trying to crack Coinbase, et al. on a daily basis.

*Actually, this is a good idea just for general security purposes, including protection against hardware failures.
sr. member
Activity: 434
Merit: 250
(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.

And you know that how? :)

M

http://antonopoulos.com/2014/02/25/coinbase-review/
full member
Activity: 196
Merit: 100
(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.

And you know that how? :)

http://support.coinbase.com/customer/portal/articles/628970-how-do-i-know-you-won-t-get-hacked-
full member
Activity: 196
Merit: 100
Just because there's one method in which 2-factor authentication can be compromised, I wouldn't call it "mostly feel good".

Being able to break into your house and plant a trojan on your computer without you realizing it is much tougher than breaking in and just stealing your computer. Also, Coinbase doesn't require your 2FA code every time you log in, only when you make a withdrawal (or, if you'd prefer, only when you make a withdrawal over $100 in a day). If you're just sitting on, say, 20 BTC, or you don't withdraw more than $100 in a day, then you might not enter that 2FA code while the trojan is installed and undetected.

But yeah, it's a possible attack vector, which is why I said limiting the amount that can be withdrawn without 48-hours notice would be even safer.

My brokerage house is going to call me on the phone to verify things before I can make a $12,000 withdrawal from my IRA. No reason why online wallets can't do the same thing.

Breaking into one's house isn't necessary to compromise a computer.  Most computers can be compromised pretty easily *unless* the user takes surfing seriously and practices some basic security precautions (like don't use IE).

That's why I argue your PC is probably safer than an online bank.  Presumably most people here have at least somewhat of an idea how to keep their PC safe.

I don't understand what you're saying, then. What's the reason my PC is probably safer than an online bank? I'm not a security expert, or anything, whereas many of the people working for the online bank are.

I'm assuming we're talking about a reputable online bank, of course.
legendary
Activity: 1540
Merit: 1001
(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.

And you know that how? :)

M
full member
Activity: 196
Merit: 100
Storing 20 BTC on your laptop which you leave running on the Internet pretty much 24/7, probably isn't safer than storing it on Coinbase behind a memorized password (not saved on your PC) and 2-factor authentication.

I doubt this very seriously.  Of course, a few assumptions need to be made.  Firstly, how is your laptop connected to the Internet?  Is it behind a router?  How safe is its OS?  Do you keep it updated with the latest security measures?

Coinbase (or any other big exchange/wallet service) is a big fat target.  "Why did you rob banks?" "Because that's where the money was."  A random consumer PC connected to the Internet is pretty much invisible and anonymous.  Yes, it is vulnerable to attacks, but the chances of rewards are low.

Does Coinbase encrypt my wallet with a passphrase which only I know?  In other words, if I forget or lose my Coinbase passphrase, are my Coinbase holdings effectively lost forever?  If not, then Coinbase has independent access to my private keys.  Which means they can be stolen.  This is impossible if my private keys are encrypted and residing on my own PC.

Yes, they're a big fat target. (*) But they spend many orders of magnitude more on security than I do.

Breaking into my house is trivial. Breaking into the bank where Coinbase stores their cold wallets is much tougher.

(*) Although, perhaps less of a fat target than you might think, as they surely don't store all their BTC in a single location.
legendary
Activity: 1540
Merit: 1001
Just because there's one method in which 2-factor authentication can be compromised, I wouldn't call it "mostly feel good".

Being able to break into your house and plant a trojan on your computer without you realizing it is much tougher than breaking in and just stealing your computer. Also, Coinbase doesn't require your 2FA code every time you log in, only when you make a withdrawal (or, if you'd prefer, only when you make a withdrawal over $100 in a day). If you're just sitting on, say, 20 BTC, or you don't withdraw more than $100 in a day, then you might not enter that 2FA code while the trojan is installed and undetected.

But yeah, it's a possible attack vector, which is why I said limiting the amount that can be withdrawn without 48-hours notice would be even safer.

My brokerage house is going to call me on the phone to verify things before I can make a $12,000 withdrawal from my IRA. No reason why online wallets can't do the same thing.

Breaking into one's house isn't necessary to compromise a computer.  Most computers can be compromised pretty easily *unless* the user takes surfing seriously and practices some basic security precautions (like don't use IE).

That's why I argue your PC is probably safer than an online bank.  Presumably most people here have at least somewhat of an idea how to keep their PC safe.

BTW, I agree on the limit per withdraw.  However... you can have a 1BTC limit per transaction, and then have to do 20 transactions.  Or the online system has an exploit that bypasses the limit.  As Steve Gibson says, Trust No One.  (TNO)

M