Although I trust Mt. Gox, I personally feel like the way that BitBills and Causcious Bitcoins are going is the better way to go. If one day I can no longer trust Mt. Gox, my BitBills are still safe.
Say Mt. Gox gets hacked, my redemption codes are now worthless, my BitBills are not. There is more trust in the dual hologram system than redemption codes, not because Mt. Gox is untrustworthy, but just because of how the system is designed.
Topic: Paper Bitcoins (Read 2114 times)
Whilst it is true that the requirement is currently self-imposed, financial laws in the majority of markets Mt.Gox supports require that only transaction fees be taken from users' accounts with the rest left untouched by the company, except where processing payments. Whether these laws apply to Mt.Gox would of course depend on the type of business that Mt.Gox is classified under.
Mt Gox codes are exactly that - a promise of actual BTC. As long as Mt. Gox keeps exactly the number of BTC on account that they have promised in all of their outstanding unclaimed codes all is well with the world - peace, harmony and love. However, if people start using the codes themselves as a longer term store of value or worse yet as a medium of exchange then Mt. Gox may be tempted into issuing more codes than they have BTC and the evil dark lord of fractional reserve banking will rise again 
!
As consumers we can prevent this by using the Mt. Gox codes for only a short period of time and claiming them as soon as possible. Also ony accept actual BTC as payment (coins ok as they contain actual BTC) - never accept promises of BTC for payment.
There is already a market for the codes. You can buy them with credit card payment at http://www.mrcoins.org
!As consumers we can prevent this by using the Mt. Gox codes for only a short period of time and claiming them as soon as possible. Also ony accept actual BTC as payment (coins ok as they contain actual BTC) - never accept promises of BTC for payment.
There is already a market for the codes. You can buy them with credit card payment at http://www.mrcoins.org
Sorry to bring up an earlier post, but I thought I'd address this point for clarity's sake. Mt.Gox Redeemable Codes for either bitcoins or traditional currency automatically "remove" the relevant sum from a user's account on their creation. These funds are then held in limbo until the code is redeemed. As such, it is impossible for a user to create a redeemable code for more funds than they have access to.
Since these funds are drawn from a user's account, a redeemable code represents funds which are in existence at the time of its creation, which are held for as long as it takes for the code to be redeemed. Since the actual amount of bitcoins or dollars won't vary in a user's account over time (unlike the value of those funds) then as long as an entity which accepts Mt.Gox Redeemable Codes exists, they will be valid.
Of course, this assumes that Mt.Gox does not access, use or alter user's funds in any way (apart from the taking of trade fees), but I hope the community is willing to trust us on that point.
If there are any other questions or concerns in relation to Mt.Gox Redeemable Codes, feel free to contact us on the forums, or at [email protected].
Mt Gox codes are exactly that - a promise of actual BTC. As long as Mt. Gox keeps exactly the number of BTC on account that they have promised in all of their outstanding unclaimed codes all is well with the world - peace, harmony and love. However, if people start using the codes themselves as a longer term store of value or worse yet as a medium of exchange then Mt. Gox may be tempted into issuing more codes than they have BTC and the evil dark lord of fractional reserve banking will rise again !
As consumers we can prevent this by using the Mt. Gox codes for only a short period of time and claiming them as soon as possible. Also ony accept actual BTC as payment (coins ok as they contain actual BTC) - never accept promises of BTC for payment.
There is already a market for the codes. You can buy them with credit card payment at http://www.mrcoins.org
!As consumers we can prevent this by using the Mt. Gox codes for only a short period of time and claiming them as soon as possible. Also ony accept actual BTC as payment (coins ok as they contain actual BTC) - never accept promises of BTC for payment.
There is already a market for the codes. You can buy them with credit card payment at http://www.mrcoins.org
Sorry to bring up an earlier post, but I thought I'd address this point for clarity's sake. Mt.Gox Redeemable Codes for either bitcoins or traditional currency automatically "remove" the relevant sum from a user's account on their creation. These funds are then held in limbo until the code is redeemed. As such, it is impossible for a user to create a redeemable code for more funds than they have access to.
Since these funds are drawn from a user's account, a redeemable code represents funds which are in existence at the time of its creation, which are held for as long as it takes for the code to be redeemed. Since the actual amount of bitcoins or dollars won't vary in a user's account over time (unlike the value of those funds) then as long as an entity which accepts Mt.Gox Redeemable Codes exists, they will be valid.
Of course, this assumes that Mt.Gox does not access, use or alter user's funds in any way (apart from the taking of trade fees), but I hope the community is willing to trust us on that point.
If there are any other questions or concerns in relation to Mt.Gox Redeemable Codes, feel free to contact us on the forums, or at [email protected].
In the two hologram system I outlined in the other thread you would end up with three public key addresses:
1) the public key address of the first hologram P1 (first private key under it - p1)
2) the public key address of the second hologram P2 (second private key under it - p2)
3) the public key address etched or printed on the item itself (bill or bar) P3
It is this third public address, P3, that would have the BTC sent to it, the other two public addresses are not really needed after the item is made and P3 is calculated from them.
To check a bill or bar to make sure it is worth what it says all you would have to do is lookup the third public address (P3) in the block explorer and make sure it contained the correct number of BTC.
1) the public key address of the first hologram P1 (first private key under it - p1)
2) the public key address of the second hologram P2 (second private key under it - p2)
3) the public key address etched or printed on the item itself (bill or bar) P3
It is this third public address, P3, that would have the BTC sent to it, the other two public addresses are not really needed after the item is made and P3 is calculated from them.
To check a bill or bar to make sure it is worth what it says all you would have to do is lookup the third public address (P3) in the block explorer and make sure it contained the correct number of BTC.
The math definitely adds up. In the topic about it we discussed the math heavily.
This on the other hand is still a valid point.
You can verify that there is coinage on the address listed on the coin though couldn't you? I think that casascius's physical Bitcoins have the BTC address that the money was sent to on them. If they don't, I know that BitBills do.
No. Then I wouldn't know who screwed me. At least I know where Mike C (Casc..us) lives.
This on the other hand is still a valid point.
Quote
But you do bring up a good point. Even though you no longer have to worry about the private key ever even having been calculated anywhere by anyone, you do have to trust two entities to properly put the two key pairs on to the item and at least one entity to have properly added the two public keys together.
You can verify that there is coinage on the address listed on the coin though couldn't you? I think that casascius's physical Bitcoins have the BTC address that the money was sent to on them. If they don't, I know that BitBills do.
The math is correct. If p = the private key, P = the public key and G = the base point of the EC crypto system then P = p(G) where p(G) is the scalar multiplication of p selected from the finite field used to generate the elliptical group with the base point G from the group.
So for any two key pairs: P0/p0 and P1/p1
P0 = p0(G)
P1 = p1(G)
P0 + P1 = p0(G) + p1(G) = (p0 + p1)(G)
So you can take two public keys and apply the defined elliptical group addition and the resulting public key will have the corresponding private key which it the simple modulus addition of the two private keys.
But you do bring up a good point. Even though you no longer have to worry about the private key ever even having been calculated anywhere by anyone, you do have to trust two entities to properly put the two key pairs on to the item and at least one entity to have properly added the two public keys together.
So for any two key pairs: P0/p0 and P1/p1
P0 = p0(G)
P1 = p1(G)
P0 + P1 = p0(G) + p1(G) = (p0 + p1)(G)
So you can take two public keys and apply the defined elliptical group addition and the resulting public key will have the corresponding private key which it the simple modulus addition of the two private keys.
But you do bring up a good point. Even though you no longer have to worry about the private key ever even having been calculated anywhere by anyone, you do have to trust two entities to properly put the two key pairs on to the item and at least one entity to have properly added the two public keys together.
No. Then I wouldn't know who screwed me. At least I know where Mike C (Casc..us) lives.
...and furthermore I don't believe that is technically possible. A public elliptic key is derived from a private key. Two entities can not (according to my wildest imagination) produce a secret unknown to either of them and derive something else from that which they do not know. It's like Diffie-Hellman with a major step removed from the calculus.
...and furthermore I don't believe that is technically possible. A public elliptic key is derived from a private key. Two entities can not (according to my wildest imagination) produce a secret unknown to either of them and derive something else from that which they do not know. It's like Diffie-Hellman with a major step removed from the calculus.
Just curious. Would you trust them more if the bills had two holograms from two different entities/companies where neither company ever had access to the private key? The person taking off both holograms would be the first person to have all the information needed to calculate the private key.
See this thread for more details: https://bitcointalksearch.org/topic/m.634864
See this thread for more details: https://bitcointalksearch.org/topic/m.634864
I think paper bitcoins fill a role somewhat like traveler cheques, but as a physical currency they offer very little protection against double spending. I could imagine printing out a few personal traveler cheques from my digital wallet and 'signing' them with the unlocking passphrase. The merchant could transfer them immediately, thus relieving me from needing a networked computer. He could optionally pass it on like cash with default risk.
Cas..us coins are novel, but I don't think it has much 'staying power'. If/when physical bitcoins become as ubiquitous as M&M's, I'd immediately rip each physical hologram off and transfer the cash digitally - I wouldn't trust a single one of them.
Cas..us coins are novel, but I don't think it has much 'staying power'. If/when physical bitcoins become as ubiquitous as M&M's, I'd immediately rip each physical hologram off and transfer the cash digitally - I wouldn't trust a single one of them.
Mt Gox codes are exactly that - a promise of actual BTC. As long as Mt. Gox keeps exactly the number of BTC on account that they have promised in all of their outstanding unclaimed codes all is well with the world - peace, harmony and love. However, if people start using the codes themselves as a longer term store of value or worse yet as a medium of exchange then Mt. Gox may be tempted into issuing more codes than they have BTC and the evil dark lord of fractional reserve banking will rise again !
As consumers we can prevent this by using the Mt. Gox codes for only a short period of time and claiming them as soon as possible. Also ony accept actual BTC as payment (coins ok as they contain actual BTC) - never accept promises of BTC for payment.
There is already a market for the codes. You can buy them with credit card payment at http://www.mrcoins.org
!As consumers we can prevent this by using the Mt. Gox codes for only a short period of time and claiming them as soon as possible. Also ony accept actual BTC as payment (coins ok as they contain actual BTC) - never accept promises of BTC for payment.
There is already a market for the codes. You can buy them with credit card payment at http://www.mrcoins.org
I am very much opposed to the idea of promise-to-pay Bitcoins... perhaps that mtgox's redeemable codes are a step in that direction??
Agreed. We definitely need private key importing into a local client, preferably a smartphone app.
I am very much opposed to the idea of promise-to-pay Bitcoins - because that leads to fractional reserve banking ( =fraud). Casascius physical Bitcoins are not promise-to-pay bitcoins, but perhaps that mtgox's redeemable codes are a step in that direction??
I'm not saying that a bank couldn't fractionally reserve, just that it would be less likely to happen in an era where people are heavily skeptical of that sort of thing. I think paper Bitcoins are bound to take root eventually, probably in both the IOU and the cassassius like paper bitcoin forms.
I do see the point of paper bitcoins though. And why not let banks do their fractional reserve banking with them? It would be no different than paper money vs gold under the gold standard. If you dont trust the banks' paper money, use bitcoins directly.
Fractional reserve banking is leveraged speculation. If they fail, there would be nobody to bail them out.
Any chance of creating a completely new and independent card swiper?
A magstrip might be a good way to access an online wallet. If bitcoin is stored on one, a magnet would erase your wallet.
There are two ways to create paper bitcoins; either as IOU, and then bitcoin would act as gold under the goldstandard (with the notable difference that it still wouldnt be legal tender, so you have to trust that particular bank's solvency, and not the financial system as a whole).
Or you could device a system quite similar to cascadius coins; have a private key underneath a peel off or scratch off mask. The trust issue would be different, as youd not have to trust the banks solvency but youd have to trust the bank not to have a copy of the key and therefore the ability to steal it.
Still, either approach could work IMO.
Or you could device a system quite similar to cascadius coins; have a private key underneath a peel off or scratch off mask. The trust issue would be different, as youd not have to trust the banks solvency but youd have to trust the bank not to have a copy of the key and therefore the ability to steal it.
Still, either approach could work IMO.
The same idea is used in the casascius coins - the private key is sealed within the coin. No bank is necessary to make this work.
You could call casascius the "bank"here; whether physical coins or paper, the trust issue is similar: you have to trust whoever issues it.
I do see the point of paper bitcoins though. And why not let banks do their fractional reserve banking with them? It would be no different than paper money vs gold under the gold standard. If you dont trust the banks' paper money, use bitcoins directly.
Yes there is a big trust issue - but assuming you trust Mr Casascius, you can be certain that the bitcoin you own is really a bitcoin (like a gold coin). The bank would just be issuing a 'promise to pay the bearer on demand' IOU (a copper coin).
If Lloyds of London started doing this then obviously it would be good news for Bitcoin (I think - though they could still print as much 'money' as they wanted and just call it 1btc, and we'd just have to believe them).
The same idea is used in the casascius coins - the private key is sealed within the coin. No bank is necessary to make this work.
You could call casascius the "bank"here; whether physical coins or paper, the trust issue is similar: you have to trust whoever issues it.
I do see the point of paper bitcoins though. And why not let banks do their fractional reserve banking with them? It would be no different than paper money vs gold under the gold standard. If you dont trust the banks' paper money, use bitcoins directly.
The whole point of bitcoin is that it doesn't need a centralized bank - the network and blockchain are the bank. Why take an idea that frees us from the banks and then get the banks to run it for us?
If you want a paper wallet you can easily create one here:
https://www.bitaddress.org/
The same idea is used in the casascius coins - the private key is sealed within the coin. No bank is necessary to make this work.
If you want a paper wallet you can easily create one here:
https://www.bitaddress.org/
The same idea is used in the casascius coins - the private key is sealed within the coin. No bank is necessary to make this work.
Jump to: