Topic: How to time-lock your coins with the new Schedule an email (gmail) to send later (Read 237 times)

The main issue was already explained: Google employees might read out your seed and try to crack it.
Additionally, in case they e.g. flush their database of scheduled emails for maintenance or shutdown the feature completely, like many previous GMail features that no longer exist, your coins are gone.

Why not send it to multiple email addresses you own?

Set a notification on your phone or computer, send it 6 months to 1 year out to keep your self in the loop and constantly repeat the process?

Even if you naively believe Google are a completely benevolent company and dont exist for the sole purpose of harvesting your data and making profit from selling that data, do you also believe the same about every single one of their employees? What about every employee of every third party that they farm out their services to, or works for them, or provides their services, or hosts their servers, or repairs their hardware, and so on. There is a huge list of unknown people whom you need to trust when you start storing anything with third parties. It's a very risky position to be in.

Sure, but that risk needs to be informed. Many people incorrectly believe Google is completely safe and impervious to hacks, leaks, bugs, or vulnerabilities, and so may choose to store their seed phrase in their email or something similar because they wrongly think it is safe. If you are aware of how risky it is and choose to do it anyway, well, that's a different story.

I'm not at all surprised that a lot of people trust Google, not only when it comes to their daily activities, but they would also entrust their crypto assets to them for safekeeping. It is nonsense to say the least, but I would say "your money, your risk", so let everyone decide what they want to do - some keep their crypto backups in Gmail anyway.

Even after everything discussed in this thread, you still decide to go ahead and do it? We'll, here's hoping you only committed a small amount of bitcoin, since if anything happens with Google or your receiving email provider, or they discontinue the service, or even just a minor bug, your coins are lost forever.

If you really wanted to irreversibly lock up some coins, then just sign a timelocked transaction to yourself and delete the relevant private key. Still a stupid thing to do, but far far safer than trusting an unknown number of intermediary third parties.

Why? It has tons of issues, all of which have been pointed out before. Do not do this!

It's a very bad idea. If someone has self control issues, it was pointed out already that those should be solved first.
And even if you need such a time lock, there are better ways.

Or just use this tool for the job time tested working and there is no-one else to put faith in that they won't go out of business or just not send the email.

https://github.com/petertodd/timelock

Another great paper about time locks is the following paper it's quite old but has a lot of interesting information.

https://people.csail.mit.edu/rivest/RivestShamirWagner-timelock.pdf

i just did this with a vanity address i created, i am regifting my self bitcoin on a special date a few years out

It's a good idea, yet, it's risky. You could lose your gmail account.
There are many things that can happen and you'll never get that email.
So, I'd suggest that people try this with a small amount of money, so it doesn't end in sorrow.
There should be more efficient ways to execute this idea.

There is no way to broadcast a transaction today which will be scheduled to be mined at a future date. I suppose you could set up some software to broadcast a transaction for you at a set date, but then you run the risk of the software not working, or the computer dying, or going offline, or anything else, which you wouldn't be around to fix. The best thing you can do is to sign a transaction today which cannot be mined until a set date, and then share it (or where to find it) with a third party for them to broadcast in the event you can't.

I can make a transaction moving all my coins to your wallet, and say that it cannot be mined before block 800,000. I can then either store it my safe, knowing that as the inheritor of my estate you'll be able to access it after I die, or I can send you the signed transaction to keep yourself, knowing that it cannot yet be mined. At some point before block 800,000, if I'm still alive, I can either simply open my safe, destroy the transaction, and replace it with a new one which cannot be broadcast until block 900,000, or (if you already have the signed transaction), I can move all my coins to a new address to invalidate the transaction you are holding, and then send you a new one timelocked to block 900,000.

I fear that at least some people use this system (sadly) without being fully aware of what they are actually getting into. Sadly I wasn't able to find much information regarding the company activity... I was only able to find the twitter account of it's founder (don't know if it's real or not) - Jeffrey Loewenstein[1]
I wonder, is it possible to schedule a transaction to be sent at X date? If that were possible one could only just schedule that all his funds will be moved over to X wallet at Y date. If the person is still alive / not incapacitated it was just a matter of time to cancel the transaction and just schedule another one to another point in time. I don't know if it's possible though ...

---

[1]https://twitter.com/myessentialinfo

If paper wallets aren't for you that's totally fine, but some people (myself included) use them, and if used properly they are one of the most secure ways you can store your coins. I don't think the term "paper wallet" still necessarily refers to the classical paper wallet of a single private key printed on a piece of paper. I have a number of wallets I would consider paper wallets as they are only stored on paper and nowhere electronic/digital, but those paper wallets are standard BIP39 seed phrases which I will recover to an airgapped device as and when I want to spend from them.

What the...? People actually use this? Take literally every piece of information and document about themselves, enough for an attacker to completely empty all their financial accounts and open huge amounts of credit in their name and take over every single account they have ever opened anywhere, and store all that in a single location with a company which were found to be storing passwords in plaintext for more than a decade. Wow.

Well, you would double check the timelocked transaction after signing it. If it turns out you signed it for 1,000,000 years in the future by mistake, then you can just delete it and create another one.

Yeah, I would only ever use timelocked transactions to potentially move some funds to someone else I wanted to inherit them in the event of my death/incapacitation. I would still have access to the relevant private keys, so could move the coins to invalidate the timelocked transaction and then generate a new one if needed.

Even on-chain timelocking is risky because one mistake and your coins will be locked for way longer than you intended. But I always found timelocking in general a very poor practice. You don't know how the future will change. Maybe you or your loved one will get cancer and you will need all the money you can get, but because you bought into the HODL STRONG HANDS NEVER SELL meme you will lock yourself out of the very much needed funds. If you have problem with self control then you should solve them instead of making some gimmicks that deal with the symptoms and not the cause.

Who doesn't remember Inbox? Google is well known for "killing" products, even if they are loved and cherished by the community. I invite everyone to take a look of Google's Products Graveyard (you'll be surprised to what you'll find there)[1]. There are also some "services" that supposedly were created to be a digital bank of your life's digital belongings such as Lifebank - they give you a pen (+ software it seems) that will store every information that is related to you (offline) so that in case of an ill event someone close to you has easy access to it. Here's their main "service" offering as described in their website[2]:
You can use their software to share specific folders with a trusted person and set up a time limit (for example) so that the person can access your files. Personally I don't see why anyone would pay for such a service when there are some tools that could basically do the same - To me a simple pen drive built with VeraCrypy would suffice. I often have this idea that if person A shares a life with person B and fully trust her/him, person A will reveal every detail to person B (and vice versa) so that in the event of a sudden death each person could access each other person belongings rather easily. Granted, in these times the so called "love" may be something that takes time to find, but if you do find yourself in such a relationship, why wouldn't you share with him/her, if you trust your life with them?

I've read stories about people making 2 or 3 metal plates and storing them in different places with different security measures only to be revealed upon their death and I guess that also sort of works for some. I can say for sure that from all the options available I would never trust a service that we don't know where will it be in 10 years nor we know if it doesn't remember to "delete" our account / block us from accessing it ...

---

[1]https://gcemetery.co/
[2]https://lifebanksystems.com/what-is-lifebank

Seems OP is a fan of Google. As @o_e_l_e_o said Google should meet all the criteria to receive and recover your fund back.

First of all, I will not encourage you to create a paper wallet and store your fund there. I don't have enough faith in it, don't ask me why because I don't know. I am using hardware wallet and open-source noncustodial wallet Electrum, so I have faith in these two.

The second thing I still failed to discover is why should I use Gmail store Bitcoin to use in the future by schedule mail. Why we can't buy a hardware wallet or use an open-source noncustodial wallet to store Bitcoin and use it future? Who is forcing you to sell it if you don't want to do so?

The advice wasn't soo good. For myself, I will not do it ever.

This is true only if you write down your seed phrase which brings us the ulterior solution with no third-parties. There's no way you can memorize a twelve-words mnemonic.

That could be mitigated by working the other way round -- keeping the paper wallet by yourself and sending the wallet password by future email. Good point though.

You also have to trust that Google and the ones Google trusts, won't rip you off. Assuming you scheduled the sending of your mnemonic, means that they have access to your seed phrase. The longer and more complicated the password you choose as of BIP38, the harder it is for them to successfully access your money. Although, this means that it'd also be harder for you to remember it.

The conclusion is that your way of time-locking funds isn't secure and neither practical.

BTW, the Google folks broke SHA1.

That was my first thought as well, I guess deep inside I have a higher confidence in Bitcoin's long term existence over Google's.

The other points seem rather likely as well though. Google has shown little qualms about shutting down projects and features in the past and many didn't live for more than 2-3 years. Accordingly that could happen even sooner than accounts getting closed for inactivity or providers becoming defunct.

You have introduced a huge number of unnecessary points of failure, as well as complete trust in a number of third parties.

• Google must still be operational
• Google must still be offering the "send in the future" service, which they could discontinue at any time
• Google must decide not to close your account for inactivity
• Google servers must not be damaged and result in data loss
• Google servers must not be hacked and result in theft of your wallet (and a huge amount of time for an attacker to bruteforce your BIP38 password, and nothing you can do in the meantime to stop them or secure the coins)
• Google employees must all be honest and also not try to bruteforce your BIP38 password
• The receiving email provider must still be operational
• You must still have access to the receiving email provider account
• They also must not have decided to close your account for any reason

If you are happy to lock up coins with absolutely no way to retrieve them prior to the date you set, then simply sign and back up a transaction to another wallet you control which cannot be broadcast before a set block or date, and then destroy the original wallet. I wouldn't recommend doing this, but it achieves the exact same outcome far more securely and without any trust.