Topic: Taint checker list (Read 5053 times)

Obvious sockpuppet is obvious. But we understand the need to hide your true identity.

We are in the early development stage of Bitcoin. This talk of law enforcement is premature. While there should be tools to track transactions, Bitcoin security should be the priority to prevent theft. Other than providing a ledger, Bitcoin doesn't cause crimes. I don't see why there should be any reason to refuse bitcoin transactions because of tainted addresses. Restitution of stolen money rarely happens anyway and because Bitcoin is so secure, it will hardly be worth worrying about.

Well, if you think just by speculating about how to exploit a proposed new change I can ruin bitcoin, you are right. Obviously I am much more smart than all the bad guys out there, who would never think of this themselves. That's flattering, thank you.

But you are delusional. I don't want to ruin but protect bitcoin. The problem is the bad idea, not a quickly made up plan showing how to exploit it, written in first person for dramatic effect.

-coinft

I don't think that any major pool will support this "blacklist" or "tainting". At least I'm not going to use it.
Tainting is a very bad idea.

There is also another very bad idea that comes to many minds: trying to detect and re-mine "forgotten/lost" coins.

Oooh, I see.  We are just abandoning logical arguments and distorting each other's viewpoints now.   Well, in that case:


I'm out.

D&T mentioned that every government has legal tender laws. Forcing everyone to place the same value on every bitcoin is much the same.


I do not have the ability to write a firewall or antivirus software, does that mean I should just give up now and not purchase/use any?

The metal weight of the coins was still fungible (if you know their composition), so merchants just had to use a scale to measure rather counting. Some coins had their silver content diluted, leading to them bein devalued or no longer accepted for trade in outside nations, and contributed to their issuers destroying huge amounts of wealth in their own nations.  This is why paper is now generally preferred, because a bill is exact, and you don't need a scale to measure it.

What do legal tender laws have to do this this?  Seems like a non sequitor.

I don't think "Someone is probably smarter than both of us so we should just give up trying to understand the problem" is a very healthy perspective to have on the pursuit of knowledge.  It doesn't have to be an arms race if you know the other side will outpace you, and it will be a net waste of time and money 

Back when currency used to be metal coins, people would clip them. Merchants would weigh the coins and then determine their value. So for thousands of years, one coin was not worth exactly what another one was. Obviously they were not very fungible, and somewhow they survived until currency went to paper much later on. Are you proposing we should have legal tender laws for Bitcoin?

We can also debate back and forth on the minutiae of attacks and defenses, but the reality is that people much smarter and far more intimate with the inner workings of the block chain will come up with better attacks and better defenses. Just as there is the perpetual arms race in cybersecurity, this too will be one. I don't have the skill to write the code for the client, or the knowledge to solve all the problems, but I can damn sure pay generous bounties to those who do.

And for the rest of you, please, attack the block chain as best you can. That which does not kill Bitcoin makes it stronger. At the end we will have a far more robust and secure system than you think, or we will have nothing. Either way it will be a grand adventure.

You'll have my help when it happens

There are two possibilities for tainting: either when coins are mixed together, all of them are tainted, or just the tainted amount that was put in.

The first one has the problem of spreading like a disease.  Whenever someone accidentally accepts tainted coins, it taints all of their other coins.  Someone with tainted coins who did not realize this could spread taint to 100x the # of coins that were tainted to start.

The second one has the problem of being able to create a plausible deniability that you have in your possession any stolen coins. 

Say you have 9 stolen coins, and 1 legit coin.  You mix the coins together, and send 1BTC to each of 10 addresses.  Each of those addresses can plausibly argue, "This is the clean coin, the other 9 are tainted". 

Now, say the police have all 10 recievers in a room.  Which Bitcoin should they confiscate?  0.1 from each person?  1BTC from a random one?  There is no just way to reclaim the stolen material once it has been mixed like this.

The same day MtGox publish their "taint list" I'm cheking my addresses for stolen coins and sending poisonous pills to the blockchain as transaction fees in order to shotgun-spread the stolen coins to the miners.

Let's see where all this madness lead us.

The 2% transaction fee (in example above) would go back to the owner of the input address via another address thus it has no cost.  The fee is simply a mechanism to obfuscate the ownership of the owner to obfuscate the ownership of the coins.  The higher the fee and/or hashing power the faster you can funnel but there is no reason it couldn't work at any fee level.

You are really thinking you can taint the transaction fee of any tainted transaction which is too "high"? Honestly have you thought this through?  How high is too high?  2%, 1%, 0.5%?  What happens when someone puts transaction involving tainted coins w/ "too high of a fee" (how high is too high?) on the network as a poison pill.  They will get picked up by pools and hashed into the next block.  The transaction fee will go to hundreds (or thousands of miners).  You think every pool (and that includes all 300+ nodes on p2pool) is going to run your checks and exclude that transaction from the block. As block rewards decline do you think any pool can afford to exclude valid paying transactions?  If a single one doesn't then tainted coins from a transaction w/ "too high of a fee" (as absurdly vague as that is) is now in hundreds of wallets.  Their coins are now tainted forever?  

If you don't taint the transaction fees of transactions which have "too high of a fee" then coins can be funneled through transaction fees.  If you unilaterally decide 2% is too high then it is trivially easy to create "cleaning" transactions with random fees between 0.2% and 1.3%?  By combining these with clean inputs, and real transactions, and hundreds of addresses one can make it difficulty to identify which coins if any should be blacklisted. 

So which is it?
transaction fees of tainted transactions are taint free (which allows laundering funds through bogus transaction fees)

OR
transaction fees of tainted transactions are tainted (which allows a single transaction to taint the wallets of hundreds of innocent miners)?


As far as your personal attacks.  FUCK OFF.  I don't use stolen bitcoins, I have never stolen Bitcoins.  Me pointing out the ridiculously easy flaws in your scheme is academic.  If I can think of giant exploits in 5 minutes an attacker sitting on $250K will certainly have the motivation to think of more elaborate bypasses. Idiotic systems like yours will hurt fungibility of Bitcoin and that hurts all users including myself.

Currency must be fungible to be effective.  This basic fundemental of economics is why countries pass legal tender laws.  A dollar is worth a dollar because it is accepted everywhere in the US and buys you a dollars worth of goods.  If some dollars were worth more, and some worthless, and some accepted by some merchants and some by others it would fail as a currency.

Less fungible Bitcoin = less effective Bitcoin = less adoption = less value.  Given I have 20GH/s farm and have been mining a long time yes that means idiots like you have the potential to hurt my financial stake in Bitcoin.   If it means me running a transaction fees laundering service or regularly putting poison pills on the network tainting thousands of wallets to show you the futility of your (and Mt.Gox's) actions I will.

Actually, I think making bitcoin more anonymous and fungible is a worthy cause. The right thing to do.

As for mercenaries, you only need a small % of all miners to enter a scheme like this and fascist exchanges would be completely overwhelmed in their regulatory mess.

I meant the coinbase portion of the block, obviously the inputs and outputs of all the legitmate txns don't matter and can be sorted normally. Sorry I wasn't clearer 


I'm gonna go out on a limb here and say that none of the major pools are going to start laundering coins. Any pools that do will be quickly spotted in the blockchain. Your 2% fee of your private 20 GH/s is also BS. 2% of what? Currently fees for most blocks are well under 1btc per block. You will mine for a very long time if you are finding a block every two weeks and have fees that are under 1 btc. Any blocks with greater fees can be flagged and examined. 1btc is arbitrary, that can change (and probably will).


You assume every miner is as mercenary as you are. They are not. And again, any coinbase found by said service can simply be marked as tainted. Most miners won't mine somewhere that pays them in coins they can't sell at the exchange.


What I am starting to see is the noobs and patsies being snagged by your hyperbolic rhetoric. It is readily apparent that checking for stolen coins will hurt your profits somehow, given the virulent 'sky is falling' assault on the idea. If you don't like the fact that someone can go through the blockchain and trace every single transaction (and then make decisions based on it), you can try to change the protocol (HA!) or start your own blockchain. Your willingness to attempt to destroy Bitcoin if anybody tries this says a lot about your character (or lack thereof). As I have stated before, Bitcoin is far more robust than you think, and if it is not then it should die in a fire and we should move on Bitcoin 2.0

Agreed.

What you made here, my sir, is a really great post. I see a brilliant future in mining. Maybe its time to start thinking about funding a dark mining pool.

You seem to be dead-set to it, together with some folks at MtGox.

What about w/ 20 GH/s.  What about if mining pools did it to increase revenue?  Marking whole block as tainted?  So if I include a tainted laundry transaction and 999 other valid transactions then all the unrelated transactions become tainted too?  Wow.  I think you realize how foolish that is. 

If any element of the block is "taint free" (like transaction fees paid to coinbase) one can simply funnel the coins there.  You claim it will take a long time but a 20 GH/s farm will find about 2 blocks per week.  If 2% of transaction is cleaned via fees per block then roughly 1/2 of the tainted amount will be clean in 3 months.

Are you going to taint the coinbase of every block w/ >=2% fees?  If so some sabotage is very easy.  Simply submit some tainted transactions w/ 2%+ fee to the network and let a pool pick it up.  If deepbit picked up one then 2,000+ innocent miner's now have tainted coins according to your precious database.

If fees remain taint free then cleaning coins via private mining becomes trivially easy.  With a higher % going to private fees and more hashing power one could clean funds even faster. 80%+ of the principal in 30 days.  Using transactions w/ 3% fee rate and 100 GH/s you could clean 70% of any principal amount in 30 days, and 99% in 90 days.

Miners will do a lot for > PPS.  You don't think someone will start a 100%+ PPS service to get 100 GH/s+ and use them to launder coins?  Someone either could do it for themselves or they could do it as a service for clients.  Charge someone 5% to launder coins, pay miners 103% PPS, keep 2% profit.

Starting to see how the only people snagged by your asinine "taint list" would be noobs, 3rd parties, and patsies.

Someone that stole thousands of coins could easily include overly generous fees in lots of blocks, not just their own.  Spotting those fees won't be hard, but most of them will be decoys.

Real life money laundering also has poor returns, so don't imagine that someone would be unwilling to lose 90% to have a clean 10%.

That should only take you 6 or 7 months mining by yourself, provided the difficulty stays the same (and it won't). Again, spotting the outsize txn fee won't be hard and marking the entire block as tainted will be easy to do.


You will be a long time including a tainted satoshi with every mined block. Also, why do you think 1)anyone would care about your 'stolen' blocks, and 2)people would declare an entire block tainted because of a single tainted satoshi in its coinbase?

If you think you can destroy Bitcoin, then please try. Personally I think that it is a bit more robust than that and can withstand whatever you can throw at it.