Pages:
Author

Topic: Here we go again: BTCServ hacked, BTC gone (Read 6909 times)

legendary
Activity: 980
Merit: 1008
February 11, 2012, 05:57:16 PM
#47
Honestly, I find it quite absurd accepting higher risks only for not having to wait one single day for maturation. But anyway... it's your money, do as you please.
Seems to me pool users are paying for ease of use (or rather: less setting up required) and low variation.
donator
Activity: 532
Merit: 501
We have cookies
February 10, 2012, 05:55:22 AM
#46
I presume the pools have a buffer of mature coins which they use to pay their miners.  I don't have to wait; I can withdraw mature coins as soon as the pool finds a block.
So some pools "pay in advance". That would require them to have some "invested capital". And such money can be stolen, as we've seen here. In such event, unless the pool operator eats the loss himself, he will have to pass it to the miners.

Honestly, I find it quite absurd accepting higher risks only for not having to wait one single day for maturation. But anyway... it's your money, do as you please.
I think that most non-0% pools do. It would be very strange to receive payments that you still can't use for almost a day Smiley

As for the possible theft... It's not a user's problem. Pool should pay anyway.
legendary
Activity: 1106
Merit: 1004
February 10, 2012, 04:43:44 AM
#45
I presume the pools have a buffer of mature coins which they use to pay their miners.  I don't have to wait; I can withdraw mature coins as soon as the pool finds a block.

So some pools "pay in advance". That would require them to have some "invested capital". And such money can be stolen, as we've seen here. In such event, unless the pool operator eats the loss himself, he will have to pass it to the miners.

Honestly, I find it quite absurd accepting higher risks only for not having to wait one single day for maturation. But anyway... it's your money, do as you please.
donator
Activity: 532
Merit: 501
We have cookies
February 10, 2012, 12:38:27 AM
#44
Before posting the question I decided to take a look in the blockchain.info... and even deepbit and Slush are attributing the generation coins to a single address, possibly to transfer them after the 120 blocks maturation period. Why? This is risky... Just send them immediately to the miners.
As a miner I would prefer that the pool sends the generated coins to itself and pays me in mature coins.  That way I don't have to wait for 120 blocks before I can spend the coins.
It doesn't make sense. You'll have to wait anyway. Either you wait with the money in your wallet, or you wait with it in the wallet of the pool operator. I find the former more secure.
Actually there is some sense.
If we generate directly do user's address then he will have to wait about 20 hours (if the block is not orphaned).
If we pay in matured coins then it's only about 10 minutes.
legendary
Activity: 2940
Merit: 1333
February 09, 2012, 04:13:46 PM
#43
As a miner I would prefer that the pool sends the generated coins to itself and pays me in mature coins.  That way I don't have to wait for 120 blocks before I can spend the coins.

It doesn't make sense. You'll have to wait anyway. Either you wait with the money in your wallet, or you wait with it in the wallet of the pool operator. I find the former more secure.

I presume the pools have a buffer of mature coins which they use to pay their miners.  I don't have to wait; I can withdraw mature coins as soon as the pool finds a block.
donator
Activity: 919
Merit: 1000
February 09, 2012, 03:03:08 PM
#42
[...]
Once a transaction makes it's way to more, then it becomes harder with each iteration.  Who's to say that the next person (or three or eight) knows that they're stolen?  As far as they know, they receive coins (or perhaps purchased/traded them) from legit means, not knowing they're stolen.. would you blame each one?  I'd guess that once it reaches 10 iterations, it's all but lost.
From a technical side, why is this a problem? The blockchain for the currently generated 166kBlocks is a 4.2GB database (gross, including redundant data). Every single address, every single coin and their transaction path from generation to their currently holding address is available. It does not really need rocket-science to parse that data and trace stolen coins.

But you're right of course when it comes to practice: after several transactions you can not blame users for holding initially stolen coins. You could if e.g. the Bitcoin nodes would check every transaction for black-listed addresses. But this would be a centralized component -- fully contrary to Bitcoin's p2p design.
donator
Activity: 980
Merit: 1000
February 09, 2012, 02:44:37 PM
#41
[...]
Quote
Nothing. Never said its wrong, just that you can not have anonymity for Joe and traceability against the thief at the same time.


Right. Anonymity for both.

That was one of the main points of bitcoin in the first place, if you read Satoshi's paper.
Sure you did not skip through the talk I was referring. Then please read just the first sentence of https://en.bitcoin.it/wiki/Anonymity:
Quote
While the Bitcoin technology can support strong anonymity, the current implementation is usually not very anonymous.
Fact is: with the current implementation you must add additional efforts and precautions to stay anonymous. Watch the talk and understand: since the blockchain is eternal during Bitcoin's existence, you can just sit and wait until the target person makes one single mistake to loose his carefully built up anonymity.

I know how it works to some degree. I was just defending the usage of those extra steps. The fact that the blockchain is persistant doesn't change much. You just stop completely using an address that can give you trouble, there are means to this end. Addresses are free anyway, it's a matter of discipline and some effort.
donator
Activity: 919
Merit: 1000
February 09, 2012, 02:34:32 PM
#40
[...]
Quote
Nothing. Never said its wrong, just that you can not have anonymity for Joe and traceability against the thief at the same time.


Right. Anonymity for both.

That was one of the main points of bitcoin in the first place, if you read Satoshi's paper.
Sure you did not skip through the talk I was referring. Then please read just the first sentence of https://en.bitcoin.it/wiki/Anonymity:
Quote
While the Bitcoin technology can support strong anonymity, the current implementation is usually not very anonymous.
Fact is: with the current implementation you must add additional efforts and precautions to stay anonymous. Watch the talk and understand: since the blockchain is eternal during Bitcoin's existence, you can just sit and wait until the target person makes one single mistake to loose his carefully built up anonymity.
legendary
Activity: 1106
Merit: 1004
February 09, 2012, 07:57:58 AM
#39
Before posting the question I decided to take a look in the blockchain.info... and even deepbit and Slush are attributing the generation coins to a single address, possibly to transfer them after the 120 blocks maturation period. Why? This is risky... Just send them immediately to the miners.

As a miner I would prefer that the pool sends the generated coins to itself and pays me in mature coins.  That way I don't have to wait for 120 blocks before I can spend the coins.

It doesn't make sense. You'll have to wait anyway. Either you wait with the money in your wallet, or you wait with it in the wallet of the pool operator. I find the former more secure.

It's true that pool operators could also be eWallets, protecting the coins of miners that do not feel safe to do it themselves. But I assume miners to be fairly technical people who don' t really need an eWallet.
legendary
Activity: 2940
Merit: 1333
February 09, 2012, 07:49:01 AM
#38
Before posting the question I decided to take a look in the blockchain.info... and even deepbit and Slush are attributing the generation coins to a single address, possibly to transfer them after the 120 blocks maturation period. Why? This is risky... Just send them immediately to the miners.

As a miner I would prefer that the pool sends the generated coins to itself and pays me in mature coins.  That way I don't have to wait for 120 blocks before I can spend the coins.
legendary
Activity: 1106
Merit: 1004
February 09, 2012, 04:50:57 AM
#37
I'd think the big ones might want to avoid a bunch of .000004 sends, since they have so many miners and such frequent blocks,

Well, if they are sending frequent transactions with all these .000004 spends, it would be the same, wouldn't it?

Otherwise, if they don't want to create huge transactions so frequently, they can aggregate. At each block they pay 10% of their miners, for ex. The math might get complicated, but it should be possible.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
February 09, 2012, 04:29:54 AM
#36
But why was the pool operator even keeping the miners reward? Couldn't he pay his miners immediately from the generation transaction, with a send to many?

...

Before posting the question I decided to take a look in the blockchain.info... and even deepbit and Slush are attributing the generation coins to a single address, possibly to transfer them after the 120 blocks maturation period. Why? This is risky... Just send them immediately to the miners.

I'd think the big ones might want to avoid a bunch of .000004 sends, since they have so many miners and such frequent blocks, but the smaller ought put payments right in the generate since they have less trust and the payments would tend to be larger and fewer I'd think.
legendary
Activity: 1106
Merit: 1004
February 09, 2012, 03:46:51 AM
#35
But why was the pool operator even keeping the miners reward? Couldn't he pay his miners immediately from the generation transaction, with a send to many?

...

Before posting the question I decided to take a look in the blockchain.info... and even deepbit and Slush are attributing the generation coins to a single address, possibly to transfer them after the 120 blocks maturation period. Why? This is risky... Just send them immediately to the miners.
legendary
Activity: 980
Merit: 1008
February 09, 2012, 03:09:37 AM
#34
So to close the loop: if we or they or some majority decides that it is bad for Bitcoin to use laundry services, I won't use them. Even if I feel restricted in my personal freedom, all that counts is the overall cumulative freedom and satisfaction of the community.
And that's what it all comes down to, in my opinion. You are free to follow that advice, while others are free to not. If we were to impose this on non-consenting Bitcoin users, a technology would simply pop up that circumvents it.

My original point was never about the law and whether it is fair or effective or not. My point was simply that giving up personal freedom in the name of public good simply does not work in the long run. We might benefit from it in the short run, but it doesn't solve the fundamental problem that made us give up the freedom in the first place (theft, terrorism, etc.).
hero member
Activity: 609
Merit: 500
February 08, 2012, 10:34:01 PM
#33
Here I don't see the point. If one did those 900 transactions to new addresses, they are still visible and traceable from the blockchain. One could even set up some ping-pong or loop transaction scheme to move the BTCs between new addresses many times, but in the very end the BTCs need to be spent and as soon as the thief does a payment to someone checking the black-list, bad guy is bust.

This requires the black-list to be updated with each block and might turn out difficult to handle (DoS by spreading 100 stolen coins to 1 million addresses). Is this what your 10% sacrifice is meant for?



Once a transaction makes it's way to more, then it becomes harder with each iteration.  Who's to say that the next person (or three or eight) knows that they're stolen?  As far as they know, they receive coins (or perhaps purchased/traded them) from legit means, not knowing they're stolen.. would you blame each one?  I'd guess that once it reaches 10 iterations, it's all but lost.
donator
Activity: 980
Merit: 1000
February 08, 2012, 05:20:37 PM
#32
This is going too far off-topic, so lets close it here with.
^ Let's say I like marijuana and I want to buy some from Silk Road. I use a scrambling service to make the bitcoins non-linkable to my exchange account. What on earth is wrong with that?
Nothing. Never said its wrong, just that you can not have anonymity for Joe and traceability against the thief at the same time.


Right. Anonymity for both.

That was one of the main points of bitcoin in the first place, if you read Satoshi's paper.
donator
Activity: 919
Merit: 1000
February 08, 2012, 03:37:06 PM
#31
This is going too far off-topic, so lets close it here with.
^ Let's say I like marijuana and I want to buy some from Silk Road. I use a scrambling service to make the bitcoins non-linkable to my exchange account. What on earth is wrong with that?
Nothing. Never said its wrong, just that you can not have anonymity for Joe and traceability against the thief at the same time.
Quote
I honestly think you're missing the bigger picture. Thieves will always exist no matter how much every honest person limits him or herself. We're not mitigating theft by doing this, we're just making life harder for ourselves, the honest ones. If you're willing to sacrifice your privacy to achieve some goal, good for you. I respect that. But I think it becomes problematic when we request that others do what we feel is right, just because we feel it's right.
In an ideal world you would be right, but as you depict, the real one is different. This is how I see the big picture: ask yourself how often you would use your credit card for online payments, if it was neither reversible nor traceable?

So far, we basically do not have a dissent. But I disagree with your last sentence. I feel there is a misinterpretation of freedom as anarchy in that statement. Freedom does not mean no rules, free beer, and anyone is allowed to do what he wants, right? There are reasons why speed limits exist, even if some feel restricted in their personal freedom. And guess what, there for sure are solid reasons why our society tries to hinder people taking drugs. Freedom is good, and as such is what society is constantly increasing in its evolution (you might disagree, but the world had never seen more cumulated freedom than today).

So to close the loop: if we or they or some majority decides that it is bad for Bitcoin to use laundry services, I won't use them. Even if I feel restricted in my personal freedom, all that counts is the overall cumulative freedom and satisfaction of the community.


That said, I'm going for some beer now. Enjoy your bong Wink
legendary
Activity: 980
Merit: 1008
February 08, 2012, 01:49:40 PM
#30
^ Let's say I like marijuana and I want to buy some from Silk Road. I use a scrambling service to make the bitcoins non-linkable to my exchange account. What on earth is wrong with that?

I honestly think you're missing the bigger picture. Thieves will always exist no matter how much every honest person limits him or herself. We're not mitigating theft by doing this, we're just making life harder for ourselves, the honest ones. If you're willing to sacrifice your privacy to achieve some goal, good for you. I respect that. But I think it becomes problematic when we request that others do what we feel is right, just because we feel it's right.
donator
Activity: 919
Merit: 1000
February 06, 2012, 03:12:46 AM
#29
Is this what your 10% sacrifice is meant for?

No.  I have 10,000 stolen BTC.  I divide it up into 1,000 lumps of 10 BTC.  I send 100 of those lumps to 100 different donation addresses I collect from the forum, and the other 900 to 900 different new addresses I create for myself.

When I later spend one of those 10 BTC lumps and someone questions me about it, I say "I don't know who sent it to me - it just turned up one day", and checking the blockchain they can see that the same amount "just turned up" in lots of other well known addresses at the same time, lending evidence to my story that the thief just randomly distributed his ill-gotten gains to strangers.

True that. But you can deny it once, twice, maybe three times, then it becomes obvious.

As said before, the use of laundry services impedes traceability - for both, honest ppl and thieves. Crackers do not need to invent sophisticated mechanisms to hide their tracks, they're already available.
full member
Activity: 196
Merit: 100
February 05, 2012, 05:46:32 PM
#28
The pioneer of sacrifice is ofcourse MyBitcoin. Well done, Tom!
Pages:
Jump to: