Pages:
Author

Topic: Proposal to help stop thieves (Read 4779 times)

donator
Activity: 29
Merit: 252
September 23, 2012, 02:56:07 AM
#54
All bad ideas/laws stem from some very reasonable-looking special one-time needs.
 
newbie
Activity: 14
Merit: 0
September 22, 2012, 01:45:28 PM
#53
Also, if it is easy to add a transaction to a black list then you can DOS the chain by blacklisting all over.

If it is not easy to add a transaction to a black list then a theif will have time to send it through an anonymizing/mixing service BEFORE it ends up on the black list.

I see blacklist management as the fatal flaw in this idea.
newbie
Activity: 14
Merit: 0
September 22, 2012, 01:24:46 PM
#52
You cannot just return a payment. Many wallet and exchange services send from a common address and if you send the money back from the sending address it will not go to the correct person. You will need to ask the sender for an address to return it to.

You cannot reject payments as you say, you can refuse to spend them, you can refuse to honor the payment but not automatically reject them.
hero member
Activity: 488
Merit: 500
September 21, 2012, 05:47:07 PM
#51
Please give up on this tainted coins idea. There have been enough threads discussing this, each showing a multitude of reasons why it won't work as expected. Just don't waist any more time on this topic. Thank you.
legendary
Activity: 1428
Merit: 1000
September 21, 2012, 08:34:14 AM
#50
I look forward to the day when the clients or protocols are "fixed" to make all transactions fully anonymous by default, if only so that any proposals to trace/block coins quickly get shut down as technically impossible.

+1
atm i cant imagine how this would work but i would really like it Wink

i just hope that more people see bitcoins like gold: you just dont have any chance to see the route the gold has taken until it reached you.

the whole idea about "good" or "bad" bitcoins is just crazy

edit: bad typo
hero member
Activity: 588
Merit: 500
September 21, 2012, 08:31:08 AM
#49
I look forward to the day when the Bitcoin client and/or protocol are "fixed" to make all transactions fully anonymous by default (as per various proposals floating around, the latest of which I saw at London conference from the Russian guys), if only so that any schemes to trace/block coins quickly get shut down as technically impossible.
hero member
Activity: 784
Merit: 1009
firstbits:1MinerQ
September 21, 2012, 12:48:32 AM
#48
As for "coin-melting" being silly.  If there was enough demand I am sure some botnets or some large hashing farms would be happy to "coin-melt" your blacklisted coins for a cut of the profits.
It's not like a large fee is going to go unnoticed, nor the output tx feeding the fee would be hidden. As long as the miner is totally hidden and unknown it could perhaps work but the thief would likely have to trust the miner enough to be sure he didn't mine all the fees into his own wallet.

And in that case why bother mining it? Why not just make a deal to take the coins and for a cut launder/mix them? Any fees in the generation tx are going to end up in the miners address and be just as tainted as the input fee tx.

I guess what I mean eg. the bitfloor hack btc are just sitting there. If they were to be paid in fees and with people watching the btc sitting there it would be visible that they end up in a new block.

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
September 20, 2012, 09:58:13 PM
#47
After reading some parts of this thread, my conclusion is that this will NOT work now, will NOT work in the future, and can NEVER work. Taint has been discussed before and in the end, it won't work. None of the developers would also work on this as this is not a priority.

This is a problem outside of bitcoin, outside of the protocol, outside of the technology. Bank robbers will always steal banks and use the money. You just have to have the bank better protected.
legendary
Activity: 1120
Merit: 1164
September 20, 2012, 09:48:02 PM
#46
The fee is not part of the generation transaction so I don't think this would make any difference as far as it being a normal transaction in the blockchain. Plus, he would only be able to keep the funds if he found the block. This could only be done if he mined solo or controlled the pool that mined the block. And the second option would be silly as it would expose the thief.

The fee IS part of the generation tx.  The difference of the sum of inputs and sum of outputs of all tx in the block is added to the current block subsidy to form the block reward.  


As for "coin-melting" being silly.  If there was enough demand I am sure some botnets or some large hashing farms would be happy to "coin-melt" your blacklisted coins for a cut of the profits.  I mean blacklisting is going nowhere (just like it didn't the 99 times in the past it was proposed) and the OP is delusional but for the sake of the argument lets pretend it existed and was ironclad.   So as a thief if you could have 24,000 BTC which were completely unspendable and worthless or 12,000 BTC in brand new generated coins which would you pick?  Where would the other 50% go?   How about send 10% to random addresses to taint their existing coins (and add a hell of a lot of noise to any blacklist system), send another 15% as fees in random txs to be picked up by legit miners (every pool on the planet would be "polluted" with coinbase tx which include blacklisted fees, the last 25% goes as a fee/bonus (no top of normal block rewards) for the coin-melting private farm and/or botnet.  

Of course one interesting thing about "coin-melting" would be the incentives it'd give to mining. If people handing out 12,000BTC fees was ever common, pools would be willing to stop working on the latest block and work on the second, or even third, latest to attempt to reverse the high-fee mined block and collect the fees for themselves. Of course, you could wait until you got really lucky and found, say, two blocks in a row and spread fees between them. Or just melt a small amount of fees per block, maybe spread over a boatload of transactions to obscure what you were doing.

Now, does the honest miner who takes a risk to steal a thief's fees by working to reverse a block rather than extend the chain deserve to keep those fees as their reward? Some of those fees? How do you know they're an honest miner?
hero member
Activity: 784
Merit: 1009
firstbits:1MinerQ
September 20, 2012, 09:25:25 PM
#45
My bad. I thought it was added as a side transaction but I didn't go check.
donator
Activity: 1218
Merit: 1079
Gerald Davis
September 20, 2012, 09:10:59 PM
#44
The fee is not part of the generation transaction so I don't think this would make any difference as far as it being a normal transaction in the blockchain. Plus, he would only be able to keep the funds if he found the block. This could only be done if he mined solo or controlled the pool that mined the block. And the second option would be silly as it would expose the thief.

The fee IS part of the generation tx.  The difference of the sum of inputs and sum of outputs of all tx in the block is added to the current block subsidy to form the block reward.  


As for "coin-melting" being silly.  If there was enough demand I am sure some botnets or some large hashing farms would be happy to "coin-melt" your blacklisted coins for a cut of the profits.  I mean blacklisting is going nowhere (just like it didn't the 99 times in the past it was proposed) and the OP is delusional but for the sake of the argument lets pretend it existed and was ironclad.   So as a thief if you could have 24,000 BTC which were completely unspendable and worthless or 12,000 BTC in brand new generated coins which would you pick?  Where would the other 50% go?   How about send 10% to random addresses to taint their existing coins (and add a hell of a lot of noise to any blacklist system), send another 15% as fees in random txs to be picked up by legit miners (every pool on the planet would be "polluted" with coinbase tx which include blacklisted fees, the last 25% goes as a fee/bonus (no top of normal block rewards) for the coin-melting private farm and/or botnet.  
legendary
Activity: 1120
Merit: 1164
September 20, 2012, 09:05:17 PM
#43
'

Not to mention the thief can turn coins into block rewards by spending them on transaction fees.

Is mining income tainted too now?
The fee is not part of the generation transaction so I don't think this would make any difference as far as it being a normal transaction in the blockchain. Plus, he would only be able to keep the funds if he found the block. This could only be done if he mined solo or controlled the pool that mined the block. And the second option would be silly as it would expose the thief.

The coinbase transaction is allowed to have a value of up to subsidy+fees; the thief most certainly could move value into it. You aren't proposing blocking the transactions themselves, which would split the network anyway, so any thief, or even a group of them, can get together and buy some mining hardware to find blocks faster. Or rent time on gpumax, or, for now, buy time on a botnet.

On top of this once you can mine some blocks you can also use non-standard transactions to spend your loot, complicating any code designed to taint transactions.

More importantly they can cause miners a lot of pain by simply moving coins around, spending fees, and casting others under suspicion if you start calculating taint on coinbases.


I second Gavin's response: go and implement it for us and we'll see what happens.
hero member
Activity: 784
Merit: 1009
firstbits:1MinerQ
September 20, 2012, 07:55:53 PM
#42
OP doesn't seem to realize the thief can simply move the coins to another address in his wallet in just a few seconds. Impossible to say whether they were spent or moved from left hand to right.

So this introduces situations where people accept coins without knowing if they can be spent later.

Extremely bad for the Bitcoin network overall. People need to trust that coins they receive can be spent otherwise the value of Bitcoin becomes question and the market price will reflect this.

Hence, a system like this socializes the cost of a theft over the whole network as reduced utility and lower value. But doesn't stop the thief at all from spending to users who choose not to accept blacklists - which I expect should be almost everyone.

Not to mention the thief can turn coins into block rewards by spending them on transaction fees.

Is mining income tainted too now?
The fee is not part of the generation transaction so I don't think this would make any difference as far as it being a normal transaction in the blockchain. Plus, he would only be able to keep the funds if he found the block. This could only be done if he mined solo or controlled the pool that mined the block. And the second option would be silly as it would expose the thief.
legendary
Activity: 1120
Merit: 1164
September 20, 2012, 07:39:28 PM
#41
OP doesn't seem to realize the thief can simply move the coins to another address in his wallet in just a few seconds. Impossible to say whether they were spent or moved from left hand to right.

So this introduces situations where people accept coins without knowing if they can be spent later.

Extremely bad for the Bitcoin network overall. People need to trust that coins they receive can be spent otherwise the value of Bitcoin becomes question and the market price will reflect this.

Hence, a system like this socializes the cost of a theft over the whole network as reduced utility and lower value. But doesn't stop the thief at all from spending to users who choose not to accept blacklists - which I expect should be almost everyone.

Not to mention the thief can turn coins into block rewards by spending them on transaction fees.

Is mining income tainted too now?
hero member
Activity: 784
Merit: 1009
firstbits:1MinerQ
September 20, 2012, 05:10:45 PM
#40
OP doesn't seem to realize the thief can simply move the coins to another address in his wallet in just a few seconds. Impossible to say whether they were spent or moved from left hand to right.

So this introduces situations where people accept coins without knowing if they can be spent later.

Extremely bad for the Bitcoin network overall. People need to trust that coins they receive can be spent otherwise the value of Bitcoin becomes questionable and the market price will reflect this.

Hence, a system like this socializes the cost of a theft over the whole network as reduced utility and lower value. But doesn't stop the thief at all from spending to users who choose not to accept blacklists - which I expect should be almost everyone.
legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
September 20, 2012, 04:46:34 PM
#39
Blocking the coins makes no sense in many scenarios:
  • If the coins are reused before being signaled as stolen, an innocent person will suffer from having received worthless coins before it was known that they were worthless. And you cannot distinguish between coins having been moved by the thief in his own wallet from coins having been used to pay a service or a good, so as soon as the coins have been moved, you can no longer blacklist them.
  • If the coins have been sent through a mixer, then you will now blacklist any output which contains even one satoshi from the stolen coins.
  • You can attack someone by convincing people that 1 BTC mixed with their 10,000 BTC has been stolen, thus rendering the whole 10,000 BTC worthless.

Can't you see the dozens of way your proposal could go wrong?

+1
legendary
Activity: 1652
Merit: 2311
Chief Scientist
September 20, 2012, 02:14:39 PM
#38
Why not try it? It should be easy to implement. Instead of arguing, let's just try it. You think it won't work, great. Let's try it.

Yes, go ahead and implement it.  Here's a thumbnail sketch of one way to start:

+ Create a web service that lets anybody upload their email address and a list of public keys.

+ Send the user an email whenever 'tainted' coins are sent to any of those public keys, telling them how tainted they are and where they came from.

That's it.

For extra credit, you could let users upload their wallet.dat files (private keys encrypted, I would hope) and auto-extract all the public keys in the wallet.  Heck, if you stored the private-key-encrypted wallet.dats you might be able to charge a little for both blacklist detection and wallet backup.

full member
Activity: 154
Merit: 100
September 20, 2012, 01:52:52 PM
#37
There are problems without clean, elegant solutions. For these problems, you use several solution which don't eliminate the problem but hopefully lessen it. That's all I am talking about. Optional blacklisting will not stop thefts. Together with other measures, it will make thefts more difficult. Why not try it? It should be easy to implement. Instead of arguing, let's just try it. You think it won't work, great. Let's try it.

Please go ahead. Go through the bitcoins in your own wallet, and check to see if any bit of them relates to the various thefts related on the forum (you can find the transaction id in many cases). Note it can take a long time doing so, as it will require that you go up the transaction chain (each transaction having one or more inputs) until you hit either the coinbase (zero input) or a transaction that uses stolen funds.

By doing so, you should get an idea of the work it represents to do that for every transaction. And maybe you will identify some stolen satoshis (if that ever makes sense in a fungible currency) in some of your wallet inputs, and you will throw those transactions away to avoid using stolen funds.

Oh, and you haven't considered this case: S come from stolen funds, C are clean funds, S+C are sent in one transaction as T (the sender does not have the same blacklist as you do) and thus tainted flagged by your client, so T is sent back (because you can no longer distinguish S from C since those outputs are now spent) as U, and now U is unusable as well because it got tainted by S. As a result, now more funds are marked as unusable by you and those using the same blacklist.

Chances are that f you do the test with your wallet and all the known stolen funds, you will throw away (or at least refuse to use)) your whole wallet.
sr. member
Activity: 317
Merit: 252
September 20, 2012, 01:42:22 PM
#36
Anyway, there's an easy way to measure the effectiveness of any proposed blacklisting system-- just implement the same system as a way to prevent double spends.  If you're really proposing that a blacklisting system can effectively prevent stolen coins from being spent a second time, then it follows that the same system should be as effective in solving the double spend problem.  If preventing double spends doesn't seem feasible without the proof-of-work blockchain, then what makes you think the flagging system is feasible?  Or if it does seem feasible, then why not release it as a blacklist-based altcoin that uses orders of magnitude less resources and blow Bitcoin out of the water?

There are problems without clean, elegant solutions. For these problems, you use several solution which don't eliminate the problem but hopefully lessen it. That's all I am talking about. Optional blacklisting will not stop thefts. Together with other measures, it will make thefts more difficult. Why not try it? It should be easy to implement. Instead of arguing, let's just try it. You think it won't work, great. Let's try it.
member
Activity: 80
Merit: 10
September 20, 2012, 01:32:45 PM
#35
Before we get there, we need to have the ability for the client to easily flag blacklisted coins.

Letting the client flag blacklisted coins is easy.  Using those blacklists to create a meaningful/workable system that deters theft is hard.

Anyway, there's an easy way to measure the effectiveness of any proposed blacklisting system-- just implement the same system as a way to prevent double spends.  If you're really proposing that a blacklisting system can effectively prevent stolen coins from being spent a second time, then it follows that the same system should be as effective in solving the double spend problem.  If preventing double spends doesn't seem feasible without the proof-of-work blockchain, then what makes you think the flagging system is feasible?  Or if it does seem feasible, then why not release it as a blacklist-based altcoin that uses orders of magnitude less resources and blow Bitcoin out of the water?
Pages:
Jump to: