Pages:
Author

Topic: How to time-lock your coins with the new Schedule an email (gmail) to send later (Read 248 times)

hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
It's a good idea, yet, it's risky. You could lose your gmail account.
There are many things that can happen and you'll never get that email.
So, I'd suggest that people try this with a small amount of money, so it doesn't end in sorrow.
There should be more efficient ways to execute this idea.

Why not send it to multiple email addresses you own?

Set a notification on your phone or computer, send it 6 months to 1 year out to keep your self in the loop and constantly repeat the process?
The main issue was already explained: Google employees might read out your seed and try to crack it.
Additionally, in case they e.g. flush their database of scheduled emails for maintenance or shutdown the feature completely, like many previous GMail features that no longer exist, your coins are gone.
member
Activity: 66
Merit: 17
It's a good idea, yet, it's risky. You could lose your gmail account.
There are many things that can happen and you'll never get that email.
So, I'd suggest that people try this with a small amount of money, so it doesn't end in sorrow.
There should be more efficient ways to execute this idea.

Why not send it to multiple email addresses you own?

Set a notification on your phone or computer, send it 6 months to 1 year out to keep your self in the loop and constantly repeat the process?
legendary
Activity: 2268
Merit: 18771
I'm not at all surprised that a lot of people trust Google, not only when it comes to their daily activities, but they would also entrust their crypto assets to them for safekeeping.
Even if you naively believe Google are a completely benevolent company and dont exist for the sole purpose of harvesting your data and making profit from selling that data, do you also believe the same about every single one of their employees? What about every employee of every third party that they farm out their services to, or works for them, or provides their services, or hosts their servers, or repairs their hardware, and so on. There is a huge list of unknown people whom you need to trust when you start storing anything with third parties. It's a very risky position to be in.

It is nonsense to say the least, but I would say "your money, your risk", so let everyone decide what they want to do - some keep their crypto backups in Gmail anyway.
Sure, but that risk needs to be informed. Many people incorrectly believe Google is completely safe and impervious to hacks, leaks, bugs, or vulnerabilities, and so may choose to store their seed phrase in their email or something similar because they wrongly think it is safe. If you are aware of how risky it is and choose to do it anyway, well, that's a different story.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Even after everything discussed in this thread, you still decide to go ahead and do it?

I'm not at all surprised that a lot of people trust Google, not only when it comes to their daily activities, but they would also entrust their crypto assets to them for safekeeping. It is nonsense to say the least, but I would say "your money, your risk", so let everyone decide what they want to do - some keep their crypto backups in Gmail anyway.
legendary
Activity: 2268
Merit: 18771
i just did this with a vanity address i created, i am regifting my self bitcoin on a special date a few years out
Even after everything discussed in this thread, you still decide to go ahead and do it? We'll, here's hoping you only committed a small amount of bitcoin, since if anything happens with Google or your receiving email provider, or they discontinue the service, or even just a minor bug, your coins are lost forever.

If you really wanted to irreversibly lock up some coins, then just sign a timelocked transaction to yourself and delete the relevant private key. Still a stupid thing to do, but far far safer than trusting an unknown number of intermediary third parties.
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
I really like this idea
Why? It has tons of issues, all of which have been pointed out before. Do not do this!

It's a good idea [...]
It's a very bad idea. If someone has self control issues, it was pointed out already that those should be solved first.
And even if you need such a time lock, there are better ways.
hero member
Activity: 1241
Merit: 623
OGRaccoon
Or just use this tool for the job time tested working and there is no-one else to put faith in that they won't go out of business or just not send the email.

https://github.com/petertodd/timelock

Another great paper about time locks is the following paper it's quite old but has a lot of interesting information.

https://people.csail.mit.edu/rivest/RivestShamirWagner-timelock.pdf
member
Activity: 66
Merit: 17
Here is a simple way to time-lock your coins so that you can only spend them at a future date:

1) Create a new gmail account.
2) Create a paper wallet and load it with the coins that you want to time-lock. Use BIP38 and make sure you will be able to remember the password later,
at the future date.
3) Change the gmail account password to a random password. Don't write down that random password anywhere except in the following step, 4).
4) Schedule an email to be sent a future date (it's a new gmail feature to be able to schedule emails to be sent at a future date). In that email attach the BIB38 paper wallet for which you know the password and the gmail account random password, that you will not keep or write down except in this specific place.

You will receive in the future date the paper wallet with BIP38 for which you know the password and also the password for the email account that you created for this so that you can use it again. Since you don't write down the gmail password: you will need to receive the scheduled email to be able to know the gmail password again of the gmail account you created for this time-locking.

What do you think? Any questions?

- remotemass

i just did this with a vanity address i created, i am regifting my self bitcoin on a special date a few years out
sr. member
Activity: 1680
Merit: 288
Eloncoin.org - Mars, here we come!
It's a good idea, yet, it's risky. You could lose your gmail account.
There are many things that can happen and you'll never get that email.
So, I'd suggest that people try this with a small amount of money, so it doesn't end in sorrow.
There should be more efficient ways to execute this idea.
legendary
Activity: 2268
Merit: 18771
I wonder, is it possible to schedule a transaction to be sent at X date? If that were possible one could only just schedule that all his funds will be moved over to X wallet at Y date. If the person is still alive / not incapacitated it was just a matter of time to cancel the transaction and just schedule another one to another point in time. I don't know if it's possible though ...
There is no way to broadcast a transaction today which will be scheduled to be mined at a future date. I suppose you could set up some software to broadcast a transaction for you at a set date, but then you run the risk of the software not working, or the computer dying, or going offline, or anything else, which you wouldn't be around to fix. The best thing you can do is to sign a transaction today which cannot be mined until a set date, and then share it (or where to find it) with a third party for them to broadcast in the event you can't.

I can make a transaction moving all my coins to your wallet, and say that it cannot be mined before block 800,000. I can then either store it my safe, knowing that as the inheritor of my estate you'll be able to access it after I die, or I can send you the signed transaction to keep yourself, knowing that it cannot yet be mined. At some point before block 800,000, if I'm still alive, I can either simply open my safe, destroy the transaction, and replace it with a new one which cannot be broadcast until block 900,000, or (if you already have the signed transaction), I can move all my coins to a new address to invalidate the transaction you are holding, and then send you a new one timelocked to block 900,000.
legendary
Activity: 1148
Merit: 3117
What the...? People actually use this? Take literally every piece of information and document about themselves, enough for an attacker to completely empty all their financial accounts and open huge amounts of credit in their name and take over every single account they have ever opened anywhere, and store all that in a single location with a company which were found to be storing passwords in plaintext for more than a decade. Wow.
I fear that at least some people use this system (sadly) without being fully aware of what they are actually getting into. Sadly I wasn't able to find much information regarding the company activity... I was only able to find the twitter account of it's founder (don't know if it's real or not) - Jeffrey Loewenstein[1]
Yeah, I would only ever use timelocked transactions to potentially move some funds to someone else I wanted to inherit them in the event of my death/incapacitation. I would still have access to the relevant private keys, so could move the coins to invalidate the timelocked transaction and then generate a new one if needed.
I wonder, is it possible to schedule a transaction to be sent at X date? If that were possible one could only just schedule that all his funds will be moved over to X wallet at Y date. If the person is still alive / not incapacitated it was just a matter of time to cancel the transaction and just schedule another one to another point in time. I don't know if it's possible though ...

[1]https://twitter.com/myessentialinfo
legendary
Activity: 2268
Merit: 18771
First of all, I will not encourage you to create a paper wallet and store your fund there. I don't have enough faith in it, don't ask me why because I don't know. I am using hardware wallet and open-source noncustodial wallet Electrum, so I have faith in these two.
If paper wallets aren't for you that's totally fine, but some people (myself included) use them, and if used properly they are one of the most secure ways you can store your coins. I don't think the term "paper wallet" still necessarily refers to the classical paper wallet of a single private key printed on a piece of paper. I have a number of wallets I would consider paper wallets as they are only stored on paper and nowhere electronic/digital, but those paper wallets are standard BIP39 seed phrases which I will recover to an airgapped device as and when I want to spend from them.

Here's their main "service" offering as described in their website[2]
What the...? People actually use this? Take literally every piece of information and document about themselves, enough for an attacker to completely empty all their financial accounts and open huge amounts of credit in their name and take over every single account they have ever opened anywhere, and store all that in a single location with a company which were found to be storing passwords in plaintext for more than a decade. Wow.

Even on-chain timelocking is risky because one mistake and your coins will be locked for way longer than you intended.
Well, you would double check the timelocked transaction after signing it. If it turns out you signed it for 1,000,000 years in the future by mistake, then you can just delete it and create another one.

But I always found timelocking in general a very poor practice. You don't know how the future will change. Maybe you or your loved one will get cancer and you will need all the money you can get, but because you bought into the HODL STRONG HANDS NEVER SELL meme you will lock yourself out of the very much needed funds.
Yeah, I would only ever use timelocked transactions to potentially move some funds to someone else I wanted to inherit them in the event of my death/incapacitation. I would still have access to the relevant private keys, so could move the coins to invalidate the timelocked transaction and then generate a new one if needed.
legendary
Activity: 3038
Merit: 2162
Even on-chain timelocking is risky because one mistake and your coins will be locked for way longer than you intended. But I always found timelocking in general a very poor practice. You don't know how the future will change. Maybe you or your loved one will get cancer and you will need all the money you can get, but because you bought into the HODL STRONG HANDS NEVER SELL meme you will lock yourself out of the very much needed funds. If you have problem with self control then you should solve them instead of making some gimmicks that deal with the symptoms and not the cause.
legendary
Activity: 1148
Merit: 3117
  • Google must still be offering the "send in the future" service, which they could discontinue at any time
Who doesn't remember Inbox? Google is well known for "killing" products, even if they are loved and cherished by the community. I invite everyone to take a look of Google's Products Graveyard (you'll be surprised to what you'll find there)[1]. There are also some "services" that supposedly were created to be a digital bank of your life's digital belongings such as Lifebank - they give you a pen (+ software it seems) that will store every information that is related to you (offline) so that in case of an ill event someone close to you has easy access to it. Here's their main "service" offering as described in their website[2]:
Quote
With LifeBank, you can centralise all your personal paperwork and information and take it with you anywhere you need. It’s not just for documents. Our helpful forms guide you in filling out passwords, important contacts like lawyers or accountants, and allow you to make notes on where family members can access things like your will.

You can even store information relating to your birth certificate, marriage certificate, home insurance records, passport scans, visa documentation — anything you can think of!
You can use their software to share specific folders with a trusted person and set up a time limit (for example) so that the person can access your files. Personally I don't see why anyone would pay for such a service when there are some tools that could basically do the same - To me a simple pen drive built with VeraCrypy would suffice. I often have this idea that if person A shares a life with person B and fully trust her/him, person A will reveal every detail to person B (and vice versa) so that in the event of a sudden death each person could access each other person belongings rather easily. Granted, in these times the so called "love" may be something that takes time to find, but if you do find yourself in such a relationship, why wouldn't you share with him/her, if you trust your life with them?

I've read stories about people making 2 or 3 metal plates and storing them in different places with different security measures only to be revealed upon their death and I guess that also sort of works for some. I can say for sure that from all the options available I would never trust a service that we don't know where will it be in 10 years nor we know if it doesn't remember to "delete" our account / block us from accessing it ...

[1]https://gcemetery.co/
[2]https://lifebanksystems.com/what-is-lifebank
legendary
Activity: 2408
Merit: 2226
Signature space for rent
Seems OP is a fan of Google. As @o_e_l_e_o said Google should meet all the criteria to receive and recover your fund back.

First of all, I will not encourage you to create a paper wallet and store your fund there. I don't have enough faith in it, don't ask me why because I don't know. I am using hardware wallet and open-source noncustodial wallet Electrum, so I have faith in these two.

The second thing I still failed to discover is why should I use Gmail store Bitcoin to use in the future by schedule mail. Why we can't buy a hardware wallet or use an open-source noncustodial wallet to store Bitcoin and use it future? Who is forcing you to sell it if you don't want to do so?

The advice wasn't soo good. For myself, I will not do it ever.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
That could be mitigated by working the other way round -- keeping the paper wallet by yourself and sending the wallet password by future email. Good point though.

This is true only if you write down your seed phrase which brings us the ulterior solution with no third-parties. There's no way you can memorize a twelve-words mnemonic.
legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
You also have to trust that Google and the ones Google trusts, won't rip you off. Assuming you scheduled the sending of your mnemonic, means that they have access to your seed phrase. The longer and more complicated the password you choose as of BIP38, the harder it is for them to successfully access your money. Although, this means that it'd also be harder for you to remember it.

That could be mitigated by working the other way round -- keeping the paper wallet by yourself and sending the wallet password by future email. Good point though.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
You also have to trust that Google and the ones Google trusts, won't rip you off. Assuming you scheduled the sending of your mnemonic, means that they have access to your seed phrase. The longer and more complicated the password you choose as of BIP38, the harder it is for them to successfully access your money. Although, this means that it'd also be harder for you to remember it.

The conclusion is that your way of time-locking funds isn't secure and neither practical.

BTW, the Google folks broke SHA1.
legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
  • Google must still be operational

That was my first thought as well, I guess deep inside I have a higher confidence in Bitcoin's long term existence over Google's.

The other points seem rather likely as well though. Google has shown little qualms about shutting down projects and features in the past and many didn't live for more than 2-3 years. Accordingly that could happen even sooner than accounts getting closed for inactivity or providers becoming defunct.


legendary
Activity: 2268
Merit: 18771
What do you think? Any questions?
You have introduced a huge number of unnecessary points of failure, as well as complete trust in a number of third parties.
  • Google must still be operational
  • Google must still be offering the "send in the future" service, which they could discontinue at any time
  • Google must decide not to close your account for inactivity
  • Google servers must not be damaged and result in data loss
  • Google servers must not be hacked and result in theft of your wallet (and a huge amount of time for an attacker to bruteforce your BIP38 password, and nothing you can do in the meantime to stop them or secure the coins)
  • Google employees must all be honest and also not try to bruteforce your BIP38 password
  • The receiving email provider must still be operational
  • You must still have access to the receiving email provider account
  • They also must not have decided to close your account for any reason

If you are happy to lock up coins with absolutely no way to retrieve them prior to the date you set, then simply sign and back up a transaction to another wallet you control which cannot be broadcast before a set block or date, and then destroy the original wallet. I wouldn't recommend doing this, but it achieves the exact same outcome far more securely and without any trust.
Pages:
Jump to: