Topic: The Collectibles Issue (Read 392 times)

legendary
Activity: 2268
Merit: 18503
January 31, 2023, 09:50:39 AM
#43
Those won't really be tradeable, though.
I think that's the bottom line, really. Collectibles should either have nothing to do with private keys, and just be tradable objects in their own right, or they should be entirely self funded but then never traded. Given that the community as a whole makes such a big deal about telling people to only buy hardware wallets from the official site, avoid resellers, avoid second hand devices, always check for authenticity, etc., in order to try to minimize the risk of receiving a tampered device, it seems crazy that we also encourage people to trade funded collectibles which have been in the possession of an unknown number of people.

If someone can come up with a collectible with all the things you've suggested then it will certainly be better than the current situation which depends 100% on trust, but it will never be completely risk free.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 31, 2023, 08:19:03 AM
#42
The tamper protection to choose for this application would be protection by self-destruction, i.e. if the buyer gets a device that still works (e.g. signs messages which prove it has the secret keys to spend Bitcoin stored on the printed address), the chip has not been tampered with.
Again, personally I would be deeply uncomfortable with such a set up. If the chip self-destructs after signing a single transaction, then there is a significant risk that you lose coins by signing an incorrect or incomplete transaction. And for most users they will not be familiar with the processes required to create a transaction manually or using a complementary watch only wallet before transferring the transaction for signing, so the risk becomes higher still.
That's true, this is one risk. It is the cost for not having to trust the designer or 'intermediary' owners / second-hand resellers.
Regarding accidental errors, there would need to be a software or extension for a popular wallet like Electrum that makes using these as simple as possible.

If you want to protect against clipboard malware, you'd also need a screen, but that would make the collectible quite bulky.
Which plays into my issues above. If you only have one shot at signing a transaction before the chip self destructs, then not having a screen becomes too risky. If, however, you can simply unseal the device but sign as many transactions as you want, then you don't need a screen since you can double check your signed transaction on your computer before you broadcast it, and sign a different transaction should there be any issues.
The proposed software should definitely allow you to decode / check / auto-decode that signed PSBT and show you its contents before broadcasting it.
It will be much harder to hack someone's clipboard and the wallet such that it shows a different PSBT decoding result. Although I get what you're saying: the chip is already destructed, no way to re-sign if you notice something's off. You may be able to fit a cheap OLED screen in the collectible, since they make them starting from about $2.



Maybe, the solution will also just be to have 'pretty hardware wallets'. With their full functionality & security, but also full price, just with some nice limited-edition designs. Those won't really be tradeable, though.

Tibu is already making something I'd categorize between 'full hardware wallet' and 'collectible': https://satochip.io/product-category/satochip-designer-edition/
legendary
Activity: 2268
Merit: 18503
January 31, 2023, 06:39:17 AM
#41
The tamper protection to choose for this application would be protection by self-destruction, i.e. if the buyer gets a device that still works (e.g. signs messages which prove it has the secret keys to spend Bitcoin stored on the printed address), the chip has not been tampered with.
Again, personally I would be deeply uncomfortable with such a set up. If the chip self-destructs after signing a single transaction, then there is a significant risk that you lose coins by signing an incorrect or incomplete transaction. And for most users they will not be familiar with the processes required to create a transaction manually or using a complementary watch only wallet before transferring the transaction for signing, so the risk becomes higher still.

If you want to protect against clipboard malware, you'd also need a screen, but that would make the collectible quite bulky.
Which plays into my issues above. If you only have one shot at signing a transaction before the chip self destructs, then not having a screen becomes too risky. If, however, you can simply unseal the device but sign as many transactions as you want, then you don't need a screen since you can double check your signed transaction on your computer before you broadcast it, and sign a different transaction should there be any issues.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 30, 2023, 11:28:38 PM
#40
For this application, it would need to be paired with some secure and tamper-protected storage chip; these exist. They don't / can't directly output the secret key, and hardware-based data extraction techniques are prevented by that tamper protection.
I'm no expert in the field, but what are the specifics of the tamper protection? Could a buyer verify that it works for themselves, or are they having to take the word of a third party? Could the average buyer even verify for themselves that the tamper protection hasn't been breached? How easy is this to do?
The tamper protection to choose for this application would be protection by self-destruction, i.e. if the buyer gets a device that still works (e.g. signs messages which prove it has the secret keys to spend Bitcoin stored on the printed address), the chip has not been tampered with.

This would be a very cool concept, but yeah, how feasible is it for a reasonable price? The Passport costs $260 for comparison.
I'm not sure. The feature set would be drastically reduced. I'm not sure if you can do it with a single chip or need 2, but even in that case, what you need is:
  • Microcontroller
  • Secure storage chip with tamper protection
  • Avalanche noise circuit
  • USB interface

If you want to protect against clipboard malware, you'd also need a screen, but that would make the collectible quite bulky.
The components mentioned above and the software for them should be fairly reasonable in price. Since collectibles always have a price premium, which may be increased if they're marketed as 'especially secure collectibles' (which they are), the price for the hardware and software may work out.

To give concrete numbers: Passport costs $260; devices similar to what I'm describing are available already for around $50 (less in component costs, of course).
legendary
Activity: 2268
Merit: 18503
January 30, 2023, 05:43:25 AM
#39
For this application, it would need to be paired with some secure and tamper-protected storage chip; these exist. They don't / can't directly output the secret key, and hardware-based data extraction techniques are prevented by that tamper protection.
I'm no expert in the field, but what are the specifics of the tamper protection? Could a buyer verify that it works for themselves, or are they having to take the word of a third party? Could the average buyer even verify for themselves that the tamper protection hasn't been breached? How easy is this to do?

This would be a very cool concept, but yeah, how feasible is it for a reasonable price? The Passport costs $260 for comparison.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 29, 2023, 05:34:52 PM
#38
Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.
This is probably the most straightforward option. If you can have a device which will sign transactions passed to it but will never reveal the private key, then whoever owns it can send any coins they like to it, knowing that all previous owners don't have the private key and couldn't have pre-signed transactions to steal their outputs which didn't exist at the time. The biggest issue is the same as above, though. Can it be independently verified?
Verifiable hardware is (becoming?) a thing for such critical applications.
To the best of my knowledge, it really started with https://betrusted.io/. For this application, it would need to be paired with some secure and tamper-protected storage chip; these exist. They don't / can't directly output the secret key, and hardware-based data extraction techniques are prevented by that tamper protection.
The combination of a secure element and verifiable hardware is basically what Foundation Passport has accomplished.

In my mind, this is mostly an engineering and price challenge at this point and not really a design / concept challenge. The building blocks definitely exist.
legendary
Activity: 2268
Merit: 18503
January 28, 2023, 06:00:48 AM
#37
Any thoughts?
How is it independently verifiable by the buyer? How can the buyer (and indeed, all future buyers) verify that neither the original creator or any previous owners have been able to access the private key?

Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.
This is probably the most straightforward option. If you can have a device which will sign transactions passed to it but will never reveal the private key, then whoever owns it can send any coins they like to it, knowing that all previous owners don't have the private key and couldn't have pre-signed transactions to steal their outputs which didn't exist at the time. The biggest issue is the same as above, though. Can it be independently verified?
hero member
Activity: 938
Merit: 642
Magic
January 26, 2023, 07:29:19 PM
#36

We could say the same thing about NFTs, but this is something I view differently from it (especially since there are entire courses dedicated to how to flip JPEGs for a profit).

Most people are not going to be selling their collectables unless they absolutely have to, because they love keeping them.

Collectables look pretty and have an artistic value, and that's about it. Doesn't make them worthless though.

It doesn't make them worthless in a monetary sense. But it makes them worthless in the sense that they can never really be trusted. If you cannot trust your wallet, then the whole point of bitcoin is lost. All bitcoin is about is "Do not trust, verify!". The collectibles put a new centralized organization in the system, even if the whole system was built specifically to be there without the centralized organisation.
Anyway I like to see collectibles as art, and just hope nobody will load them.
What I'd like to find out in the future is whether there is a "good" way to implement the private key without the trust.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 26, 2023, 11:29:31 AM
#35
So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.
That's overcomplicating, no? How about the SIM / embedded SoC in the collectible generates a private key using a secure chip the first time it's powered on? Key never leaves the device.
You plug it in and it appears as a Linux device called /dev/bc1q..... so the creator knows where to send the funds. And a buyer can easily check the value.

To sign a transaction, you pipe (or copy) the PSBT to the device and it returns the signed PSBT.

I presented the idea before, though. Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.

That would be good, but we still need some apparatus to display the private key on the LED when the user requests it (maybe by touching a metal pin to some kind of hidden button like those used by routers) which permanently activates the private key on the LED.
No, the private key is never shown. Otherwise, a buyer (or the creator) can read it out and save it for later. The device signs PSBTs and outputs the signed transaction, like any other hardware wallet.
legendary
Activity: 3458
Merit: 6231
Crypto Swap Exchange
January 26, 2023, 09:45:54 AM
#34


3) For the highest level of funding something like the https://satschip.com/ would be acceptable. You just put that under the hologram. Not 100% sure of the cost of them in bulk but that or a similar solution would work.

Or?


And what happens if you find your Satschip in 20 years, just to find out that coinkite went bankrupt/was sanctioned and therefore the URL that seems to be needed to verify the transaction cannot be reached anymore?
I think this whole collectible area is simply an invention of companies to make money. There is no benefit at all for the community. The issue is that satoshi did not implement the right tools for such things in bitcoin in the first place.

It's open source, you really don't need them just the code.

Also, I did not make myself clear I was not saying use THEM just that a product like THAT would work. My bad on that I knew what I wanted to say in my head, just didn't make it to the hands to type it.

Are there any open standards out there or similar for long term secure single use data storage? Can't find any but I just don't see this never having come up someplace else.

-Dave
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 26, 2023, 07:25:03 AM
#33
I think this whole collectible area is simply an invention of companies to make money. There is no benefit at all for the community. The issue is that satoshi did not implement the right tools for such things in bitcoin in the first place.

We could say the same thing about NFTs, but this is something I view differently from it (especially since there are entire courses dedicated to how to flip JPEGs for a profit).

Most people are not going to be selling their collectables unless they absolutely have to, because they love keeping them.

Collectables look pretty and have an artistic value, and that's about it. Doesn't make them worthless though.
hero member
Activity: 938
Merit: 642
Magic
January 26, 2023, 04:13:10 AM
#32


3) For the highest level of funding something like the https://satschip.com/ would be acceptable. You just put that under the hologram. Not 100% sure of the cost of them in bulk but that or a similar solution would work.

Or?


And what happens if you find your Satschip in 20 years, just to find out that coinkite went bankrupt/was sanctioned and therefore the URL that seems to be needed to verify the transaction cannot be reached anymore?
I think this whole collectible area is simply an invention of companies to make money. There is no benefit at all for the community. The issue is that satoshi did not implement the right tools for such things in bitcoin in the first place.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 26, 2023, 03:44:01 AM
#31
So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.
That's overcomplicating, no? How about the SIM / embedded SoC in the collectible generates a private key using a secure chip the first time it's powered on? Key never leaves the device.
You plug it in and it appears as a Linux device called /dev/bc1q..... so the creator knows where to send the funds. And a buyer can easily check the value.

To sign a transaction, you pipe (or copy) the PSBT to the device and it returns the signed PSBT.

I presented the idea before, though. Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.

That would be good, but we still need some apparatus to display the private key on the LED when the user requests it (maybe by touching a metal pin to some kind of hidden button like those used by routers) which permanently activates the private key on the LED.
legendary
Activity: 3458
Merit: 6231
Crypto Swap Exchange
January 25, 2023, 11:44:48 AM
#30
There could also be 2 solutions so to speak (3 actually)

1) For very low value amounts, what we have now does work. Unless you have sales in the 10s of thousands, the amount you can get if it's a value of 0.0001 on the coin is not a big deal. You can still make and create collectables, and even if BTC goes up 100X from where it is now you are still only looking at $225 a coin. Yes, in large numbers it's a lot of money, but people would have to be aware of what it is.

2) For the next step up some version of the split key.

3) For the highest level of funding something like the https://satschip.com/ would be acceptable. You just put that under the hologram. Not 100% sure of the cost of them in bulk but that or a similar solution would work.

Or?

The downside is you would need a phone or something with NFC to get to the tag. But I don't think that is a big deal anymore.

-Dave
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 25, 2023, 08:20:41 AM
#29
So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.
That's overcomplicating, no? How about the SIM / embedded SoC in the collectible generates a private key using a secure chip the first time it's powered on? Key never leaves the device.
You plug it in and it appears as a Linux device called /dev/bc1q..... so the creator knows where to send the funds. And a buyer can easily check the value.

To sign a transaction, you pipe (or copy) the PSBT to the device and it returns the signed PSBT.

I presented the idea before, though. Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 25, 2023, 06:28:40 AM
#28
I like the split key idea
It doesn't allow the collectible to be sold on without introducing trust, though.

OK, what about an operating system specifically designed for loading the keys into the collectible?

I mean like this: Each collectible can have a SIM card. The operating system will generate the private key bytes without showing them to the operator, and an additional NFC chip contained inside the collectible can communicate with some NFC receiver inside the computer hardware as soon as you scan using the computer a QR code contained on the collectible that would have connection parameters (which change as soon as you disconnect - only one concurrent connection allowed).

So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.

This does require however the paper containing the private key to be replaced by an electronic LED screen, also protected by a hologram (how? IDK) somehow.

It would be sort of how credit cards communicate with POS terminals. Although CCs have numbers at the back of them. But the idea here is to prevent the operator from seeing the private key bytes in the first place. Only the customer would be able to.

Any thoughts?
legendary
Activity: 2268
Merit: 18503
January 25, 2023, 06:11:15 AM
#27
I like the split key idea
It doesn't allow the collectible to be sold on without introducing trust, though.

That would be prevented because when it's bricked, it won't output its address, either.
Doesn't stop someone from copying the address from their previous transaction.

Is it a problem if you can only tell by plugging it in?
I'm not sure. I wouldn't buy any pre-funded products regardless, so I'm probably not the best person to ask. If you are buying something in person then it is trivial to plug it in to check. If you are buying something online then hopefully your money would be kept in an escrow until you receive the item and plug it in to check.
hero member
Activity: 938
Merit: 642
Magic
January 25, 2023, 03:17:32 AM
#26
Honestly the Coldkey scam is a shame for the community. The inventor sold part of the company for the price of 0.5 BTC to a German forum member and after the transaction was finished he destroyed the company by taking the funds of the sold coldkeys. Maybe with split key, this could somehow be prevented but I think it is not very practical.
The best I could find is this: https://www.cardwallet.com
They print the wallets under maximum security in the Austrian State Mint and therefore I doubt that something would go wrong. The wallet is however not really a collectible and more a tool in this moment.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 24, 2023, 08:07:31 AM
#25
Or you could accidentally send more coins to the collectible in the future, mixing it up for a similar one which is not bricked.
That would be prevented because when it's bricked, it won't output its address, either. I'm trying to think of a technical way that prevents the actual maker from pre-signing a transaction. Since key generation and bricking are both done on-device, that would be secure against a malicious maker. Meanwhile, a PCB-level seal would allow the maker to get a signature before sealing it all up / adding resistor / whatever board-level measures are put in place that require physical breakage to later get to the coins again.

There needs to be some obvious way of telling whether the device is sealed or unsealed, much like an OpenDime does, but the device still needs to function regardless.
Is it a problem if you can only tell by plugging it in? I mean, sure, for reselling it would be better if it was more visual, but you could be scammed if someone uses a picture of a physically sealed item that they later peeled. On the other hand, the solution I suggested would allow the seller to sign the latest block hash and thus provide timestamped proof of funds.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 24, 2023, 07:59:41 AM
#24
I like the split key idea but it would have to be done with a PGP-signed open source program so that people know what they are dealing with. Better if it was written for all platforms and if there were iOS and Android apps for such a tool as well, so that the user avoids having to do anything.

There would be three separate workflows for user generating the private key, the operator making a "mutated" private key that they send to the user, and the third one would combine the two private keys into a keypair using whatever operation you prefer.

Alternatively this feature could be added to hardware wallets so that people avoid having to trust software in the first place (instead they just have to trust the hardware vendor to be genuine and that's it).
legendary
Activity: 2268
Merit: 18503
January 24, 2023, 07:43:22 AM
#23
I would imagine this device to brick itself once it has signed a transaction, i.e. clear its keys (private and public) and stop responding to queries from the client. Just like visually inspecting a ripped hologram, a non-responsive device (or responding with a 'wiped' message) would indicate the same thing.
Now that would be dangerous. You accidentally sign a transaction to the wrong address, or with a sub 1 sat/vbyte fee, or with a locktime of block 1,000,000, or something else, and then the device bricks itself. Wave goodbye to your coins. Or you could accidentally send more coins to the collectible in the future, mixing it up for a similar one which is not bricked.

There needs to be some obvious way of telling whether the device is sealed or unsealed, much like an OpenDime does, but the device still needs to function regardless.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 24, 2023, 07:22:51 AM
#22
Sure; similar to any other hardware wallet (this would be a dumbed-down hardware wallet, in essence). But again, since those are sold dirt-cheap these days, even below the premium of these collectibles over their loaded value, it seems feasible. If they choose to use a smartcard chip, @tibu may have a business opportunity here.
Difficult to say. A collectible producer obviously couldn't just take another company's tried and tested product and use it to start producing collectibles without risking running into legal trouble.
They can 'take' an open hardware & open source product, as long as they abide by the license (that usually requires them to release sources for their collectible, too - which I'd welcome anyway, though).

The device could e.g. sign messages to show that the (correct) key is there. As well as signing transactions, of course, to spend the funds from that key.
That's a neat solution. Until of course someone finds a vulnerability and tricks it into signing a transaction when it isn't supposed to.
I don't like to be the devil's advocate, however, a signed TX can be easily broadcast anytime later. So no matter how smart the embedded device is, a previous owner can create and sign the transaction of spending the collectible's coins and... broadcast it years later. Or am I missing something?
Because if I'm right it's no use to embed smarter and more expensive devices into collectibles, this kind of stealing problems can still happen.
I would imagine this device to brick itself once it has signed a transaction, i.e. clear its keys (private and public) and stop responding to queries from the client. Just like visually inspecting a ripped hologram, a non-responsive device (or responding with a 'wiped' message) would indicate the same thing.

So prior to being unsealed, the device would be set up to allow people to sign arbitrary messages from it, proving that the necessary private key is indeed on the device, but it would have to be unsealed in order to sign a transaction. And once it has been unsealed, then at that point it cannot be sold to another person, since as you say a transaction could have been signed at any point, even if the coins are still present on the device.
A physical seal such as on OpenDime, would of course work, as well.
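Added example (my own Go sketch; not code from the thread, from OpenDime or from any vendor) of the sealed/unsealed/wiped device discussed in the posts above: while sealed it signs arbitrary challenges to prove the key is there, it must be unsealed before it will sign a transaction, and it wipes itself after that single signature. Assumptions not in the thread: P-256 from Go's standard library standing in for secp256k1, the ErrSealed/ErrWiped names, and the two domain-separation tag strings.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Lifecycle of the chip; transitions only go forward: Sealed -> Unsealed -> Wiped.
type Lifecycle int

const (
	Sealed   Lifecycle = iota // key present: may prove possession, may not spend
	Unsealed                  // seal broken: may sign exactly one transaction
	Wiped                     // key erased: no address, no signatures
)

var ErrSealed = errors.New("device is sealed: unseal it before signing a transaction")
var ErrWiped = errors.New("device is wiped: the key no longer exists")

// Domain-separation tags (assumed names): a proof-of-possession signature must never
// verify as a transaction signature, or "sign this message" would mean "spend the
// coins". Bitcoin's "Bitcoin Signed Message:\n" prefix exists for the same reason.
const tagProof = "collectible/proof-of-possession\x00"
const tagTx = "collectible/transaction\x00"

// Device models the chip: the key lives only in the struct, with no accessor for it.
type Device struct {
	State Lifecycle
	key   *ecdsa.PrivateKey
}

// NewDevice generates the key on-device at first power-on, so the maker never sees
// it. P-256 stands in for secp256k1, which Go's standard library lacks.
func NewDevice() (*Device, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{State: Sealed, key: key}, nil
}

// PublicKey is what the funding address derives from; a wiped device refuses to
// answer, so it cannot be mistaken for a live one and re-funded by accident.
func (d *Device) PublicKey() (*ecdsa.PublicKey, error) {
	if d.State == Wiped {
		return nil, ErrWiped
	}
	return &d.key.PublicKey, nil
}

// ProveControl signs a buyer-chosen challenge (e.g. the latest block hash, for a
// timestamped proof of funds). Allowed while sealed: it cannot move coins.
func (d *Device) ProveControl(challenge []byte) ([]byte, error) {
	if d.State == Wiped {
		return nil, ErrWiped
	}
	return ecdsa.SignASN1(rand.Reader, d.key, digest(tagProof, challenge))
}

// Unseal is the irreversible physical step; afterwards the device cannot be resold
// safely, because a transaction may have been signed at any later time.
func (d *Device) Unseal() error {
	if d.State == Wiped {
		return ErrWiped
	}
	d.State = Unsealed
	return nil
}

// SignTransaction signs tx (a serialized transaction or PSBT) once, then wipes. It
// wipes whether or not tx was what the user meant: a wrong address, fee or
// locktime is signed just the same, and the key is gone afterwards.
func (d *Device) SignTransaction(tx []byte) ([]byte, error) {
	if d.State == Sealed {
		return nil, ErrSealed
	}
	if d.State == Wiped {
		return nil, ErrWiped
	}
	sig, err := ecdsa.SignASN1(rand.Reader, d.key, digest(tagTx, tx))
	d.key.D.SetInt64(0) // best-effort clearing of the scalar in memory
	d.key, d.State = nil, Wiped
	return sig, err
}

func digest(tag string, msg []byte) []byte {
	h := sha256.Sum256(append([]byte(tag), msg...))
	return h[:]
}

// Buyer-side checks, using the public key read out while the device was live.
func VerifyProof(pub *ecdsa.PublicKey, challenge, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, digest(tagProof, challenge), sig)
}

func VerifyTransaction(pub *ecdsa.PublicKey, tx, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, digest(tagTx, tx), sig)
}
```

Driving it from a host program follows the thread's sequence: read PublicKey while sealed, ask for ProveControl over the current block hash and check it with VerifyProof, Unseal, then SignTransaction once. Two design points are worth noting. The tags keep a "sign this message" request from being a disguised spend, which is the "tricks it into signing a transaction" worry; Bitcoin's own signed-message prefix does the same job. And SignTransaction wipes regardless of what it signed, so the wrong-fee or wrong-address failure mode raised earlier lives entirely in the host software that builds and checks the transaction before unsealing; the device cannot help with it.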
legendary
Activity: 2268
Merit: 18503
January 24, 2023, 07:03:42 AM
#21
I don't like to be the devil's advocate, however, a signed TX can be easily broadcast anytime later. So no matter how smart the embedded device is, a previous owner can create and sign the transaction of spending the collectible's coins and... broadcast it years later. Or am I missing something?
It was in reference to a device like an OpenDime, which has to somehow be "unsealed" in order to sign a transaction. In the case of the OpenDime, you push an object through a small hole on the board, which unseats a chip on the other side and allows the private key to be accessed.

So prior to being unsealed, the device would be set up to allow people to sign arbitrary messages from it, proving that the necessary private key is indeed on the device, but it would have to be unsealed in order to sign a transaction. And once it has been unsealed, then at that point it cannot be sold to another person, since as you say a transaction could have been signed at any point, even if the coins are still present on the device.
legendary
Activity: 3500
Merit: 6205
Looking for campaign manager? Contact icopress!
January 24, 2023, 06:24:46 AM
#20
The device could e.g. sign messages to show that the (correct) key is there. As well as signing transactions, of course, to spend the funds from that key.
That's a neat solution. Until of course someone finds a vulnerability and tricks it into signing a transaction when it isn't supposed to.

I don't like to be the devil's advocate, however, a signed TX can be easily broadcast anytime later. So no matter how smart the embedded device is, a previous owner can create and sign the transaction of spending the collectible's coins and... broadcast it years later. Or am I missing something?
Because if I'm right it's no use to embed smarter and more expensive devices into collectibles, this kind of stealing problems can still happen.
legendary
Activity: 2268
Merit: 18503
January 24, 2023, 06:12:18 AM
#19
Sure; similar to any other hardware wallet (this would be a dumbed-down hardware wallet, in essence). But again, since those are sold dirt-cheap these days, even below the premium of these collectibles over their loaded value, it seems feasible. If they choose to use a smartcard chip, @tibu may have a business opportunity here.
Difficult to say. A collectible producer obviously couldn't just take another company's tried and tested product and use it to start producing collectibles without risking running into legal trouble. But if they instead had something specifically designed for them, then again it pushes the cost up and introduces a new device which has never been examined or tested by independent members of the community. I'm not sure the best solution to this which is both secure but also cheap.

Imagine you're a big collector and suddenly you need to daily check that all the designers of all your Bitcoin collectibles are 'still trusted'. That can easily get out of hand.
Absolutely. I'm not really the target market for such things, and I only have one or two such things that I picked up in person at various meets and merchants, but I would only ever self fund such a device.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 23, 2023, 08:23:35 PM
#18
The device could e.g. sign messages to show that the (correct) key is there. As well as signing transactions, of course, to spend the funds from that key.
That's a neat solution. Until of course someone finds a vulnerability and tricks it into signing a transaction when it isn't supposed to.
Sure; similar to any other hardware wallet (this would be a dumbed-down hardware wallet, in essence). But again, since those are sold dirt-cheap these days, even below the premium of these collectibles over their loaded value, it seems feasible. If they choose to use a smartcard chip, @tibu may have a business opportunity here. Not vouching for the security of his devices, as I never assessed it or even tested one of those cards, but that just sprung to mind.

It gives people a fighting chance to detect it rather than hundreds of people getting their life savings stolen at once.
True, but it also gives a false sense of security. The creator of some split key collectible could quite easily generate both parts himself, and then pose as a third party seller who says they generated half the split key. Any downstream seller then falsely believes it needs collusion between two parties to steal their coins, when in reality they are at just as much risk as they are now.
He could also use this to impose a way higher premium (after-market prices..) or someone may just not be a daily Bitcointalk visitor. Collectibles as a general concept can be bought and stored for years or decades without 'checking on them' all the time. Imagine you're a big collector and suddenly you need to daily check that all the designers of all your Bitcoin collectibles are 'still trusted'. That can easily get out of hand.
legendary
Activity: 2268
Merit: 18503
January 23, 2023, 10:22:19 AM
#17
Most of these coins come with a certificate of authentication.
Which is meaningless and provides zero protection.

instead of releasing random coins they can make preorders,
buyer provides pub key and keeps partial priv.
maker creates
the maker issues a template that the buyer prints the half key on,
if they resell it, make sure it's with it.
Which means that all future owners of the coin still have to trust the manufacturer and the original owner.

There's a reason I've invested so much time in the splitkey ecosphere.    It's BTCrilliant
But it has the same problem as above. It works for the first owner of the collectible, but all future owners have to have complete trust that the two split key parties won't collude to steal the coin.

The device could e.g. sign messages to show that the (correct) key is there. As well as signing transactions, of course, to spend the funds from that key.
That's a neat solution. Until of course someone finds a vulnerability and tricks it into signing a transaction when it isn't supposed to.

It gives people a fighting chance to detect it rather than hundreds of people getting their life savings stolen at once.
True, but it also gives a false sense of security. The creator of some split key collectible could quite easily generate both parts himself, and then pose as a third party seller who says they generated half the split key. Any downstream seller then falsely believes it needs collusion between two parties to steal their coins, when in reality they are at just as much risk as they are now.
hero member
Activity: 1423
Merit: 504
January 22, 2023, 06:48:20 PM
#16

Alice can then reconstruct the final private key using her private key (the one generated in step 1) and the keyinfo.txt from Bob.

In case she can't get the partial private key from the coin without damaging it, she could collude with a malicious creator and get it that way (then e.g. split those stolen funds).

One coin at a time beats 100's, or thousands at a time like what happens now.

It gives people a fighting chance to detect it rather than hundreds of people getting their life savings stolen at once.

you're forgetting 1 thing with split key generation. they are still your keys if you hold both pieces of the puzzle.

no one's custodial but the downstream owner.

therefore, colluding with a creator in this event would never yield a 100% rug sweep.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 22, 2023, 06:36:37 PM
#15
I'm not sure which chip they use, but some chips are themselves made (from the factory) in a way that you can't extract any data from them (tamper-resistant or self-destructing when tampered). Such a chip should be used for this application.
Ok sure, but how can you verify that the factory hasn't influenced the private key in some way? How can you verify the private key is even there at all? As far as I am aware, not even something like OpenDime provides a zero knowledge way of confirming there is a private key on the device which corresponds to the address it is showing you. It's possible, but again it's all additional cost.
It would need some interface of course; USB being the cheapest and easiest to make. The device could e.g. sign messages to show that the (correct) key is there. As well as signing transactions, of course, to spend the funds from that key.

That's true. I was thinking about something with 'emergency keys' (that could be used when people are alerted from one coin having been wiped by the designer - maybe collaboratively, to bypass the time lock) and more complicated crypto, but I don't think it is leading anywhere.
You could certainly set it up so the coins are spendable by the manufacturer generated private key after a specific time, or before that time by some other set of keys, but then when selling that collectible on then the new owner is still left with the issues of trusting the people holding this second set of keys.
Yes, that's not going to work. If trust is just shifted around, it's pointless.

I traded a member here for a bunch of HW wallets, which I collect on a part-time basis, but even though I happen to like that member and really don't think he planted any landmines there's no way I'd put any crypto on a beaut like this:

I mean, since people enjoy trading unique Bitcoin-related items, the most secure way would be to ditch the 'private key' aspect of them and make them just collectibles. No keys on them whatsoever. That makes sense.

Just look at this thread: https://bitcointalksearch.org/topic/info-breached-or-scam-coin-makers-list-3315347
It almost feels like every such company has gone full exit-scam sooner or later.
Yeah, I remember the Gravitate fiasco very well, and that was over 6 years ago.  Maybe I was still naive, but I was actually surprised by what happened.
Like most rug pulls in crypto / Bitcoin, they repeat quite frequently actually. All of the scams we have today already existed almost from its inception. Sometimes wrapped differently, sometimes blatantly copied.

You guys can reinvent the wheel or overcomplicate things all you want, but this is the cheap, effective solution. no complicated signature chains, no more trust in the other person or makers.
Except that now whoever buys the coin from Alice, has to trust her. She may have a copy of the private key:

Alice can then reconstruct the final private key using her private key (the one generated in step 1) and the keyinfo.txt from Bob.

In case she can't get the partial private key from the coin without damaging it, she could collude with a malicious creator and get it that way (then e.g. split those stolen funds).
hero member
Activity: 1423
Merit: 504
January 22, 2023, 06:16:38 PM
#14
Since a lot of the people who post here in the HW board tend to be more about security and tech than the collectibles area, I was wondering if anyone else had any ideas on how to make it work better / more securely. Any useful input would be appreciated.
If you want to do it completely trustlessly, then the only way to do it is a DIY solution where you add the key to the collectible yourself after you have received it.

You can spread the trust by having some kind of multi-sig set up where two or more different collectible producers add private keys to the collectible separately. But as mentioned, all you are doing there is spreading the trust, not eliminating it.

You could potentially do a multi-sig or split key set up where I generate one part and the collectible producer generates the other, but that then means your collectible on its own is worthless. Without my share/key/etc., then the collectible is unspendable, and you will have a hard time selling it to anyone else since they cannot trust that you and the producer are not conspiring together.

BIP38 doesn't work at all since at some point one party must know both the private key and the password.

Most of these coins come with a certificate of authentication.
instead of releasing random coins they can make preorders,
buyer provides pub key and keeps partial priv.
maker creates
the maker issues a template that the buyer prints the half key on,
if they resell it, make sure it's with it.
do a handwritten chain of ownership on the back(if wanted). if the holo is damaged its spent.
the only thing is a piece of paper to keep track of that everyone will, and does.
if the maker keeps all keys and get the single coin in hand again, they "could" sweep. a single coin.

but never an entire batch.

It's better than right now. they can all sweep. period.

Multisig is too risky. disagreement.

Split key generation would be user induced error.

There's a reason I've invested so much time in the splitkey ecosphere.    It's BTCrilliant  

I believe it was designed for this very scenario.  

Other projects like VanityPool used the same concepts and have never had an event.

From JLVS Github page
https://github.com/JeanLucPons/VanitySearch#generate-a-vanity-address-for-a-third-party-using-split-key

Generate a vanity address for a third party using split-key
It is possible to generate a vanity address for a third party in a safe manner using split-key.
For instance, Alice wants a nice prefix but does not have CPU power. Bob has the requested CPU power but cannot know the private key of Alice, Alice has to use a split-key.
*Added Or a Customer wants to buy a physical but doesn't want the issuing company knowing the key!

Step 1
Alice generates a key pair on her computer, then sends the generated public key and the wanted prefix to Bob. It can be done by email, nothing is secret. Nevertheless, Alice has to keep the private key safe and not expose it.

Code:
VanitySearch.exe -s "AliceSeed" -kp
Priv : L4U2Ca2wyo721n7j9nXM9oUWLzCj19nKtLeJuTXZP3AohW9wVgrH
Pub  : 03FC71AE1E88F143E8B05326FC9A83F4DAB93EA88FFEACD37465ED843FCC75AA81
Note: The key pair is a standard SecpK1 key pair and can be generated with a third party software.

Step 2
Bob runs VanitySearch using Alice's public key and the wanted prefix.

Code:
VanitySearch.exe -sp 03FC71AE1E88F143E8B05326FC9A83F4DAB93EA88FFEACD37465ED843FCC75AA81 -gpu -stop -o keyinfo.txt 1ALice
It generates a keyinfo.txt file containing the partial private key.

Code:
PubAddress: 1ALicegohz9YgrLLa4ADCmam7X2Zr6xJZx
PartialPriv: L2hbovuDd8nG4nxjDq1yd5qDsSQiG8xFsAFbHMcThqfjSP6WLg89
Bob sends back this file to Alice. It can also be done by email. The partial private key does not allow anyone to guess Alice's final private key.

Step 3
Alice can then reconstruct the final private key using her private key (the one generated in step 1) and the keyinfo.txt from Bob.

Code:
VanitySearch.exe -rp L4U2Ca2wyo721n7j9nXM9oUWLzCj19nKtLeJuTXZP3AohW9wVgrH keyinfo.txt

Pub Addr: 1ALicegohz9YgrLLa4ADCmam7X2Zr6xJZx
Priv (WIF): p2pkh:L1NHFgT826hYNpNN2qd85S7F7cyZTEJ4QQeEinsCFzknt3nj9gqg
Priv (HEX): 0x7BC226A19A1E9770D3B0584FF2CF89E5D43F0DC19076A7DE1943F284DA3FB2D0
How it works
Basically the -sp (start public key) option adds the specified starting public key (let's call it Q) to the starting keys of each thread. That means that when you search (using -sp), you do not search for addr(k.G) but for addr(kpart.G+Q) where k is the private key in the first case and kpart the "partial private key" in the second case. G is the SecpK1 generator point.
Then the requester can reconstruct the final private key by doing kpart+ksecret (mod n) where kpart is the partial private key found by the searcher and ksecret is the private key of Q (Q=ksecret.G). This is the purpose of the -rp option.
The searcher has found a match for addr(kpart.G+ksecret.G) without knowing ksecret so the requester has the wanted address addr(kpart.G+Q) and the corresponding private key kpart+ksecret (mod n). The searcher is not able to guess this final private key because he doesn't know ksecret (he knows only Q).

Note: This explanation is simplified; it does not take care of symmetry and endomorphism optimizations, but the idea is the same.

You guys can reinvent the wheel or overcomplicate things all you want, but this is the cheap, effective solution. no complicated signature chains, no more trust in the other person or makers.
just make a system based on split key generation. Anything else you can conjure up will be cost prohibitive or overthinking authoritative measures.

It's been done before on physicals. Not exactly as described, but the groundwork's all here:
40mm x 3mm 30g Bitcoin Coin (loadable and customizable coin)
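A worked version of the split-key exchange quoted from the VanitySearch README above, added here as an illustration; it is neither VanitySearch's code nor the poster's. Assumptions: pure-Python secp256k1 arithmetic, and a hex prefix of the compressed public key standing in for the Base58 address prefix so that no hashing or encoding code is needed. Bob only ever sees Q and kpart, while Alice alone can form kpart + ksecret (mod n), which is exactly why the first owner, and nobody downstream, is the only party this scheme protects.

```python
"""Split-key vanity search (added worked example, not VanitySearch's code).
Alice keeps ksecret and publishes Q = ksecret*G; Bob searches for a kpart so
that pub(kpart*G + Q) matches the wanted pattern without learning ksecret;
Alice reconstructs k = kpart + ksecret (mod n). Constructed simplification:
the target is a hex prefix of the compressed public key, not an address."""
import secrets

# secp256k1 domain parameters
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine addition on secp256k1; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:      # p1 == -p2
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # point doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point=G):
    """Double-and-add k*point (not constant-time; demonstration only)."""
    result, addend = None, point
    k %= N
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def compressed_hex(point):
    """33-byte compressed SEC encoding as lowercase hex."""
    x, y = point
    return ("02" if y % 2 == 0 else "03") + format(x, "064x")


def alice_keygen():
    """Step 1: Alice's secret scalar and the public point Q she sends to Bob."""
    ksecret = 1 + secrets.randbelow(N - 1)
    return ksecret, scalar_mult(ksecret)


def bob_search(Q, prefix, start=None):
    """Step 2: Bob walks kpart upwards, keeping pub = kpart*G + Q, until the
    compressed public key starts with `prefix`. He only ever sees Q."""
    kpart = start if start is not None else 1 + secrets.randbelow(N - 1)
    pub = point_add(scalar_mult(kpart), Q)
    while True:
        if pub is not None and compressed_hex(pub).startswith(prefix):
            return kpart, compressed_hex(pub)
        kpart = (kpart + 1) % N      # next candidate: add G, no full multiply
        pub = point_add(pub, G)


def alice_reconstruct(ksecret, kpart):
    """Step 3: the final private key is kpart + ksecret (mod n)."""
    return (kpart + ksecret) % N


def demo(prefix="0212"):
    """Run the whole exchange; return (final key, matched pubkey hex, kpart)."""
    ksecret, Q = alice_keygen()
    kpart, pubhex = bob_search(Q, prefix)
    k = alice_reconstruct(ksecret, kpart)
    # Alice checks that the reconstructed key really controls the match
    assert compressed_hex(scalar_mult(k)) == pubhex
    # Bob's partial key on its own controls a different public key
    assert compressed_hex(scalar_mult(kpart)) != pubhex
    return k, pubhex, kpart


if __name__ == "__main__":
    k, pubhex, kpart = demo()
    print("matched pub:", pubhex)
    print("kpart alone spends nothing; kpart + ksecret (mod n) is the key")
```

The prefix "0212" is matched after roughly 512 candidates on average, so the search finishes in well under a second in plain Python.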
legendary
Activity: 3234
Merit: 6706
Proudly Cycling Merits for Foxpup
January 22, 2023, 04:25:15 PM
#13
Thanks for bringing this to my attention; I rarely browse the Collectibles section. I've honestly never understood why people would want to buy loaded private keys and not sweep them immediately.
I do get the novelty / pleasure of a physical item that also holds value, but pre-loading is not the way to go.
Ugh....if there were a 100% foolproof, failure-proof way of putting a private key onto something like a coin or other collectible thing I'd probably jump headfirst into that aspect of crypto collectibles.  But the fact is that I wouldn't buy a pre-loaded coin because I wouldn't be able to bring myself to unpeel it or otherwise damage it in order to access the key.

I traded a member here for a bunch of HW wallets, which I collect on a part-time basis, but even though I happen to like that member and really don't think he planted any landmines there's no way I'd put any crypto on a beaut like this:

Just look at this thread: https://bitcointalksearch.org/topic/info-breached-or-scam-coin-makers-list-3315347
It almost feels like every such company has gone full exit-scam sooner or later.
Yeah, I remember the Gravitate fiasco very well, and that was over 6 years ago.  Maybe I was still naive, but I was actually surprised by what happened.
legendary
Activity: 2268
Merit: 18503
January 22, 2023, 04:00:43 PM
#12
I'm not sure which chip they use, but some chips are themselves made (from the factory) in a way that you can't extract any data from them (tamper-resistant or self-destructing when tampered). Such a chip should be used for this application.
Ok sure, but how can you verify that the factory hasn't influenced the private key in some way? How can you verify the private key is even there at all? As far as I am aware, not even something like OpenDime provides a zero knowledge way of confirming there is a private key on the device which corresponds to the address it is showing you. It's possible, but again it's all additional cost.

That's true. I was thinking about something with 'emergency keys' (that could be used when people are alerted from one coin having been wiped by the designer - maybe collaboratively, to bypass the time lock) and more complicated crypto, but I don't think it is leading anywhere.
You could certainly set it up so the coins are spendable by the manufacturer generated private key after a specific time, or before that time by some other set of keys, but then when selling that collectible on then the new owner is still left with the issues of trusting the people holding this second set of keys.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 22, 2023, 02:49:12 PM
#11
Since hardware wallets with this type of chip can be bought for as low as 50 bucks on sale and have much more functionality, I assume that the functions I describe should be possible with a very cheap circuit board and much less coding. It shouldn't add more than $50 to the 'collectible premium'.
The complicated part isn't generating a random private key, but rather being able to prove to all future parties that it was both generated randomly and without influence, and has not been accessed or otherwise tampered with since then. Even with OpenDimes, has anyone verified that it is impossible to bypass the seal and view the private key without breaking the seal?
I'm not sure which chip they use, but some chips are themselves made (from the factory) in a way that you can't extract any data from them (tamper-resistant or self-destructing when tampered). Such a chip should be used for this application.

I'm currently also thinking about a Bitcoin script that would somehow prevent multiple collectibles from being spent in a single transaction and maybe even somehow time-locks them relative to each other (e.g. only 1 per day).
Surely any time lock which prevents the manufacturer from stealing the coins also prevents the users from moving the coins to safety.
That's true. I was thinking about something with 'emergency keys' (that could be used when people are alerted from one coin having been wiped by the designer - maybe collaboratively, to bypass the time lock) and more complicated crypto, but I don't think it is leading anywhere.
legendary
Activity: 2268
Merit: 18503
January 22, 2023, 01:52:21 PM
#10
Since hardware wallets with this type of chip can be bought for as low as 50 bucks on sale and have much more functionality, I assume that the functions I describe should be possible with a very cheap circuit board and much less coding. It shouldn't add more than $50 to the 'collectible premium'.
The complicated part isn't generating a random private key, but rather being able to prove to all future parties that it was both generated randomly and without influence, and has not been accessed or otherwise tampered with since then. Even with OpenDimes, has anyone verified that it is impossible to bypass the seal and view the private key without breaking the seal?

I'm currently also thinking about a Bitcoin script that would somehow prevent multiple collectibles from being spent in a single transaction and maybe even somehow time-locks them relative to each other (e.g. only 1 per day).
Surely any time lock which prevents the manufacturer from stealing the coins also prevents the users from moving the coins to safety.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 22, 2023, 12:34:21 PM
#9
NFC / RFID with a bit of 'intelligence' is an option that has been kicked around, but that can drive the cost way up.
You could essentially use something like OpenDime's system and embed that inside a coin, but yeah, then you are paying a premium for the collectible itself. I can't see any way to do it trustlessly for both the first buyer and all future buyers without electronics in the collectible, though.
Assuming a constant Bitcoin price, there could be 2 types:
(1) Low-value prefunded item: traditional way (trust the creator), cheap to manufacture, not too much risk if it gets wiped.
(2) Higher-value prefunded item: include chip that generates randomness internally on-device, stores it inside itself and can sign a transaction, but not output the key in plaintext (very similar to what hardware wallets do). Since hardware wallets with this type of chip can be bought for as low as 50 bucks on sale and have much more functionality, I assume that the functions I describe should be possible with a very cheap circuit board and much less coding. It shouldn't add more than $50 to the 'collectible premium'.

The only issue is when collectibles of the (1) type rise in value due to Bitcoin price increase. But at some point, the BTC value will exceed the 'collectible premium' you first paid for it anyway, so you won't lose anything from sweeping it.

I'm currently also thinking about a Bitcoin script that would somehow prevent multiple collectibles from being spent in a single transaction and maybe even somehow time-locks them relative to each other (e.g. only 1 per day). That shouldn't inconvenience collectors too much, while preventing the designer from stealing more than 1 item before people start talking to each other and doing something against it. I do think it's too complicated for Bitcoin script, though.
legendary
Activity: 2268
Merit: 18503
January 22, 2023, 04:55:44 AM
#8
What a lot of people are trying to come up with is a way that still allows for resale / trade.
Yes, in that case a DIY solution is useless. DIY would only work if you are keeping it for yourself. Similarly any multi-sig or split key method between buyer and producer runs into the same problems when it comes to resale, in that the new owner is just trusting two people instead of one.

NFC / RFID with a bit of 'intelligence' is an option that has been kicked around, but that can drive the cost way up.
You could essentially use something like OpenDime's system and embed that inside a coin, but yeah, then you are paying a premium for the collectible itself. I can't see any way to do it trustlessly for both the first buyer and all future buyers without electronics in the collectible, though.
legendary
Activity: 3458
Merit: 6231
Crypto Swap Exchange
January 21, 2023, 06:14:21 PM
#7
What a lot of people are trying to come up with is a way that still allows for resale / trade.

Having me put the private key & hologram on the coin is no better than having the maker do it. You are just trusting a different person. And as they change hands over the years, getting back to the person who made it, if it was not the original coin maker, is going to be just about impossible.

NFC / RFID with a bit of 'intelligence' is an option that has been kicked around, but that can drive the cost way up.

Still a bit of a work in progress.

-Dave
legendary
Activity: 2268
Merit: 18503
January 21, 2023, 04:38:58 PM
#6
Since a lot of the people who post here in the HW board tend to be more about security and tech than the collectibles area, I was wondering if anyone else had any ideas on how to make it work better / more securely. Any useful input would be appreciated.
If you want to do it completely trustlessly, then the only way to do it is a DIY solution where you add the key to the collectible yourself after you have received it.

You can spread the trust by having some kind of multi-sig set up where two or more different collectible producers add private keys to the collectible separately. But as mentioned, all you are doing there is spreading the trust, not eliminating it.

You could potentially do a multi-sig or split key set up where I generate one part and the collectible producer generates the other, but that then means your collectible on its own is worthless. Without my share/key/etc., then the collectible is unspendable, and you will have a hard time selling it to anyone else since they cannot trust that you and the producer are not conspiring together.

BIP38 doesn't work at all since at some point one party must know both the private key and the password.
copper member
Activity: 2142
Merit: 4219
Join the world-leading crypto sportsbook NOW!
January 21, 2023, 03:52:53 PM
#5
I have a couple of pre-funded collectables, but they are low(ish) in value and realistically I don't trust them.  I would never keep a significant amount of value in a key that was generated by someone else.

There may be a way to give the purchaser the control by forcing him to generate a key for a 2-of-2 multi-sig wallet in advance of the purchase.  But that could make the purchasing process more cumbersome for those who aren't technically inclined, and it would definitely put a crimp in the manufacturing process.

The collectible coin and card market is pretty cool and I would hate to see the recent events tarnish the segment, but I think the only safe way to purchase collectibles capable of holding funds is to only buy the DIY type.  Anything else is really the antithesis of all that bitcoin stands for.
legendary
Activity: 1582
Merit: 1284
January 21, 2023, 01:05:05 PM
#4
I am not active in that board, but I thought that they were buying gold/silver/bronze holdings that have a value equal to the bitcoin you will pay, for example a card with about 3 grams of gold or some value and not preloaded addresses.

The solution is simple, which is to leave an empty place and then leave the choice to the person to download it or not, but the idea in itself is opposite to the way Bitcoin works.

I hope someone can explain to me more if I'm doing something wrong and I'll try to find out exactly what they're selling.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
January 20, 2023, 06:01:11 PM
#3
Thanks for bringing this to my attention; I rarely browse the Collectibles section. I've honestly never understood why people would want to buy loaded private keys and not sweep them immediately.
I do get the novelty / pleasure of a physical item that also holds value, but pre-loading is not the way to go.

Just look at this thread: https://bitcointalksearch.org/topic/info-breached-or-scam-coin-makers-list-3315347
It almost feels like every such company has gone full exit-scam sooner or later.

One idea could be that the collectible is semi-DIY. Such as a one-time stamp or something which lets you engrave your own private key.
legendary
Activity: 1232
Merit: 1080
January 15, 2023, 12:37:13 PM
#2
my opinion is collectibles should be used as collectibles and nothing more than that. Removed loaded coins because there is no way to verify that their private key has not been compromised. The only way would be DIY coins which you load the coin after receiving it with your own private key, but that defeats the reason you would want a "1 BTC" coin.
legendary
Activity: 3458
Merit: 6231
Crypto Swap Exchange
January 15, 2023, 11:22:41 AM
#1
I don't know how many here pay attention to the collectibles area but there was an issue this week where one of the makers had kept a bunch of private keys and decided to take everyone's money:

https://bitcointalksearch.org/topic/--5434506
https://bitcointalksearch.org/topic/info-scammedpeeled-by-coldkey-5434598
https://bitcointalksearch.org/topic/krogothmanhattan-losses-from-the-coldkey-scam-5434597

I started a rant about funded things and someone else started a bit calmer topic about how to have people continue to keep making funded collectables while being more secure than just having 1 person make a private key:

https://bitcointalksearch.org/topic/rant-can-we-stop-with-the-coins-wallets-collectables-with-private-keys-5434653
https://bitcointalksearch.org/topic/idea-removing-trust-from-physical-coin-makers-re-priv-key-generation-5434754

Since a lot of the people who post here in the HW board tend to be more about security and tech than the collectibles area, I was wondering if anyone else had any ideas on how to make it work better / more securely. Any useful input would be appreciated.

Side note, if anyone wants to donate there is a small auction being setup by one of the old school coin makers to help out people who lost BTC:
https://bitcointalksearch.org/topic/--5434623

-Dave