Your solution is interesting, but it requires us to trust the dispute mediating company, which would be subject to human error. It would also require trusting miners, and it requires paying a fee to the dispute resolution company.
There is a discussion going on about how to prevent unauthorized withdrawals right now over in this thread: https://bitcointalksearch.org/topic/m.2213559
It essentially involves adding extra output script constraints to your coins that you and any thief must abide by. This has its advantages and disadvantages, but it becomes very difficult for a thief to try to spend your coins without notifying you because it first must produce an "intention" transaction that the network recognizes before actually sending the coins out of your wallet later. It is still trust-less because it doesn't rely on any central entity to mediate the disputed withdrawal.
Topic: Recover/Prevent Stolen Wallets (Read 544 times)
There are quite some problems with this:
- You have to trust the third party
- How does the third party know a transaction isn't rightful?
- How does the third party manage to react that fast without stopping quite a bunch of rightful transactions?
- You have to trust the third party
- How does the third party know a transaction isn't rightful?
- How does the third party manage to react that fast without stopping quite a bunch of rightful transactions?
When your wallet is stolen you do not know until there is a transaction on the network. In theory there are 0 to 10 minutes from the time the 'unauthorized' transaction is detected until the first confirmation where 'something' could be done.
One or more companies could be set up as 'dispute resolution' services and they would publish one or more addresses.
If your client detects a spend from your wallet that the client did not initiate, then it could issue a 'double spend' to one of these dispute resolution addresses and include a higher fee.
Honest mining pools would detect the double spend, see that there is a 'dispute' and prefer the transaction to the dispute resolution service (which the mining pool would vet).
If enough mining pools / miners decided to follow this protocol then thefts could be detected and 'stopped' with high probability. In fact, if 51% of the network agreed to reject 'blocks' containing a trx with a double-spend to one or more dispute resolution services then it would effectively eliminate 'theft' except by thieves doing their own mining.
So to 'steal' money from a wallet would now require the thief to keep the transaction 'private' until they produce a block that includes it. This could be countered by rejecting blocks that contain transactions that have not been seen by the network. All of this could be done without changing the protocol.
If you were willing to change the protocol all transactions could require a 2-phase commit. First the transaction must get into a block, but it may be replaced by the following block if there is a dispute. This would require waiting for 2 confirmations before the transaction could be considered final.
One or more companies could be set up as 'dispute resolution' services and they would publish one or more addresses.
If your client detects a spend from your wallet that the client did not initiate, then it could issue a 'double spend' to one of these dispute resolution addresses and include a higher fee.
Honest mining pools would detect the double spend, see that there is a 'dispute' and prefer the transaction to the dispute resolution service (which the mining pool would vet).
If enough mining pools / miners decided to follow this protocol then thefts could be detected and 'stopped' with high probability. In fact, if 51% of the network agreed to reject 'blocks' containing a trx with a double-spend to one or more dispute resolution services then it would effectively eliminate 'theft' except by thieves doing their own mining.
So to 'steal' money from a wallet would now require the thief to keep the transaction 'private' until they produce a block that includes it. This could be countered by rejecting blocks that contain transactions that have not been seen by the network. All of this could be done without changing the protocol.
If you were willing to change the protocol all transactions could require a 2-phase commit. First the transaction must get into a block, but it may be replaced by the following block if there is a dispute. This would require waiting for 2 confirmations before the transaction could be considered final.
Jump to: