Suggestion:
Offer a 18.5k BTC bounty for whoever releases a copy of the database.
The database isn't worth 18.5k.
No, it is actually worth much more than that, since quite a few people will be suing Bitcoinica if their balance does not satisfy them.
You better negotiate a good deal with the hacker, or you are pretty sure to be made insolvent.
edit:
bulanula, there are ways to anonymously release the database along with a Bitcoin address.
Assume that 99% of the balances have already been claimed, the extra loss due to over-claims is less than 18.5k BTC. This is my speculation based on the information I have though. I haven't verified them.
The following is my suggestion to Bitcoinica, I can disclose it because it won't make resolving problems more difficult:
Now the thing needed to do is to filter the false claims using the resources we already have, including:
- Support emails
- Outgoing transactional emails (deposit, withdrawal and order execution notifications)
- Previous accounting reports
- Partner records, including Mt. Gox, BitInstant, banks
- Block chain (We roughly know what addresses we have based on the transactional emails)
The reputation of the account owner can also be taken into consideration, i.e. if you have demonstrated consistent integrity in the community, you should get your funds back at first opportunity. If the database (which might be leaked) records suggest discrepancies, you should feel comfortable returning the extra.
If the claimed account balance is tiny, such as 1 BTC or $1 USD, you should also receive a refund as long as the account ownership can be verified.
If there are no outgoing transactional emails sent (within 60 days), no support emails ever, no passport photo uploaded, we will have to use extra evidence (Bitcoin address ownership and Mt. Gox code history) to prove account ownership. Most likely the claims are illegitimate. We have unlikely to have inactive users with large amount funds.
The most questionable claims will be the ones without reported positions but with large balances from people who are not reputable. Most likely these people are trying to hide their unrealized losses in the claims after knowing that database has been deleted.
I know there's some personal judgement involved in the suggestion, but that will be my way of handling this. It will keep the majority of people happy while reducing most false positives. If my suggestion is accepted, the general rule is, you can get your funds more fully (partial payments are possible), sooner and less evidence is required if:
--- Disclaimer: Pure suggestion. NOT OFFICIAL ---
- Your bitcointalk.org profile or Bitcoin-OTC rating shows you as reputable and trustworthy. (50 Points)
- You can supply at least one transactional email you have received which perfectly matches our outgoing transactional email records. (30 Points)
- You can provide passport scans and you have provided to Bitcoinica (even if it's pending verification). (40 Points)
- The order of magnitude of your reported balance is consistent with our outdated accounting records. (30 Points)
- You can recall the balances exactly or very precisely. (20 Points)
- You have reported a losing position, with precise details. (20 Points)
- You have contacted Bitcoinica Support at least once since September 2011. (10 Points)
- Your email can be searched online and matches your identity. (10 Points)
- You can provide proof of Bitcoin address ownership (signature), Mt. Gox code you have used/obtained or accurate details of large transaction records (>2500 BTC) that match our hedging activity. (10 Points each kind of evidence)
- Another reputable member supports your claim. (10 Points)
- You have used wire transfer, BitInstant or AurumXchange to deposit/withdraw funds and they can verify the records. (10 Points)
- You have submitted the claim within the first 24 hours since the announcement. (10 Points)
If there are no transactional emails or support emails ever sent to the claimed address, 0 Points for now.
If you get >= 100 Points, you should be refunded immediately.
If you get >= 50 Points, you can expect partial refunds first. The percentage of partial payments will be calculated using the formula (let P be the points you get):
Partial payment in % = (P/10)^2
e.g. If you get 90 Points, you receive 81% of the claimed amount first. If you get 50 Points, you receive 25% of the claimed amount first.
The rest of the claimed amount will be honored after every request has been processed. Then we can use cross reference to match the remainder records, and hopefully a copy of database can be obtained or leaked. If needed, we can also use external moderation to decide asset ownership.
--- Disclaimer: Pure suggestion. NOT OFFICIAL ---