Topic: Novel Idea: Unlosable "Binary" Physical Bitcoins (Read 3071 times)

The second piece won't be sent until the recipient has confirmed receipt of the first one, so that can't happen.

The likelihood of a printer manufacturer stealing bitcoins by manufacturing rogue firmware that steals people's print jobs is astronomically low.  Having your HP printer send a "mystery file" to HP's servers every time you print (and the mystery file just magically matching the size of each print job) is something that would be noticed by sysadmins in minutes.  It would be all over the press the same day.  They would probably have an easier time just guessing private keys.  Besides, I print these on an inkjet printer via USB and no internet connection, so this issue is moot.

Yeah, or maybe someone can make coins with embedded tamper evident holograms.

The recient can still wait for two pieces to arrive, snap them together, then claim neither piece arrived. To be trusted, physical coins should always be checked against the block-chain. In fact, to be truly trusted, they would be single-use.

This scheme also does not prevent collusion among the manufacturers known or not. If both manufacturers are using the same brand of printer with remote update capabilities, the printer manufacturer may be able to steal the bitcoins (for example).

I think ulimately, physical bitcoins are going to end up working more like checks. We just need a relatively simple, tamper evident way of hiding the secret key (The 'Bitbills' design is almost ideal for this)

Just don't declare it as bitcoin on the shipping documentation and you'll be fine. That is what had happened in this case.

FedEx recently returned a shipment of Bitcoins to the shipper because it said on the invoice it contained bitcoins and "we do not ship currency".

...or you can just insure your packages.

S010 Indemnity Claims
2.14 Nonpayable Claims

Indemnity is not paid for collect on delivery (COD), insured, or registered service or for Express Mail in these situations:

...
r. Negotiable items (defined as instruments that can be converted to cash without resort to forgery), currency, or bullion valued in total at more than $15 per shipment sent by Express Mail, except under 2.12c.
...

...or you can just insure your packages.

It's so simple!

I thought of a way where someone could order physical bitcoins without any risk of loss in the mail.  I have never had any of my shipments lost, but of course it is always possible.  And the obvious solutions aren't easy.

• If I send funded bitcoins and they get lost, they're gone.
• If I send funded bitcoins and they don't get lost, the recipient could claim they were lost.
• If I send unfunded bitcoins and they get lost, someone out there (a postman) will have unfunded coins.  Unfunded coins are a problem because it makes it impossible to accept coins without checking block explorer - defeating the purpose of the whole series of coins.
• If I send unfunded bitcoins and they don't get lost, recipient could claim they were lost and ask for a replacement, but then they would have unfunded coins.
• If I send funded bitcoins but keep private keys, none of the problems are solved.  I could take back the funds, but then there's an unfunded piece somewhere.
• The very idea that I could keep private keys scares buyers of large value bitcoins.  It would also be nice to have physical bitcoins produced by two parties, so the buyer doesn't have to worry about the possibility of manufacturer scams.

I thought of "binary bitcoins" as an idea.  Basically, this would be a physical bitcoin in two parts, neither of which is the complete physical bitcoin.  For example, I could come up with a gold bar that has a hologram like normal, but also on the bottom, a precisely hollowed out spot that would accept, and permanently hold, a coin-shaped object, which would be an activation token with the 2nd key.  The bar could have a serial number (XYZ123) and lasered text to clearly indicate that the bar has no value without the matching hologrammed brass activation token, also bearing the same serial number (XYZ123) lasered on its face.

1.  I, and some other trusted party, would each generate a private key, and then calculate the bitcoin address of the combined key using only the public keys, and EC addition.  So nobody has the full private key.
2.  I would send out the piece with my half of the key.
3.  When the recipient said the bar arrived, the other trusted party would send out the activation token with his half of the key.
4.  When the recipient said the token arrived, he would "snap" it into the dugout on the gold bar, so it would permanently stay there.  At that point, I would fund the address calculated in step 1.

If the recipient says the bar didn't arrive, I could simply send a new bar with a different address.  The risk of loss becomes limited to the value of the unfunded bar.  Wherever the first bar ended up, whether a postal worker or a dishonest buyer, it would never become complete.

If the recipient says the token didn't arrive, as many duplicates as necessary would be sent.

Neither part has any Bitcoin value for customs purposes, and it doesn't really matter if customs seizes it.  Neither part should be mistakable for a complete item.

With this scheme, the buyer is assured that no mailman or customs agent can steal his bitcoins.  And no manufacturer can steal his bitcoins either, once he has had his bar funded.

Physical bitcoins are a reverse abstraction, that may facilitate understanding and trust among our more pedestrian members of the info highway in the short term, but the physical abstraction are in fact far less secure than the real thing, and some perhaps large fraction of the competition will undoubtedly fail.
...
I understand why you want something like this for large bitcoin bullion via post.

This scheme seems secure enough.

* bold added.