Topic: The NEXT generation of Physical Bitcoins... - page 9. (Read 19104 times)

I considered burning down our offices and relocating after each production run, but after running the cost-benefit analysis...we decided against it.

don't forget to destroy the drum roller

I LOVE the spirit of a coin "kit" and I think well be able to make that happen in the near future with what we're working on.  It's a more technical hurdle than we originally anticipated.  We released this version of the coins to help augment the investor dollars that we're using to innovate in this space.  

I honestly haven't found a good way to answer the question of "how do I know TitanBTC isn't keeping a copy of the private key".  A lot of people asked the same questions of Mike Caldwell early on and I think it will just take time for us to prove our competence and trustworthiness to the community.  

In short, the computers that generate those keys are offline.  We're using a DB of random numbers generated from an atmospheric noise variable, similar to what you'll get from random.org.  We purge the page files on the hard drives in those computers on a scheduled basis to make sure there's no lingering data signatures.  We think we've got a good method of clearing any temporary data from the cache on our printers, but I won't hesitate to say that the process can be improved and I welcome any input on how we could make it better.  I've reached out to Mike, but have yet to connect with him.  He may be thinking we're competition.  I hope not.

The bottom line is that I don't want to rush that period of "getting to know us" because its important that the community rejects bad ideas and scammers.  In fact, I really appreciate how fiercely this community defends it ideologies.  This thread was meant to help my team explore new ideas as we try to perfect the system for physical bitcoins once and for all.  Thank you sincerely for the feedback.

this is a great idea.

if designed properly this could be a winner.

We do sell these coins with the private key included as an option for those that don't want to use the 2-factor authentication "Coin registration".  Sometime next week, you'll be able to choose to have the private key included when you add the coins to your cart on our site.  I'll make another thread here when we open that up.  We're trying to get ahead a bit on production before selling those, as I would expect they will go pretty quickly based on what this community wants in a physical bitcoin. 

As I've said before, trusting us to provide that 2FA service seems to be a benefit for people just learning about bitcoins, as opposed to a drawback.  We've even had people that asked us to set up their wallet for them when they redeemed their coin.  I was HAPPY to do that, because it means that they're looking to spend some bitcoins and are now officially part of our community.  It also meant that they were trusting our company (and myself) implicitly.  I'm OK with that trust because I know i'm not going to abuse it, but I appreciate the fundamental reasons to avoid those situations.   

I like the idea of symmetric keys a lot!  The only drawback is that the loss of one of the keys makes the coin's unredeemable.  Perhaps that is an unavoidable consequence of 2-factor authentication, but this is the kind of dialogue that the community needs to keep going.  I'm confident that there is a long term solution and we're working on one now that we think will solve these problems.


 

I've been seeing those Titan coins popping up on ebay. I love the look!

Not good enough. Many people (like me) got into bitcoin precisely because they want to eliminate counter party risk. A coin like this is something I might give to my children some day. Assuming TitanBTC will still be around in 25+ years from now would be foolish.


That sounds good. But how do I know a copy of the private key is not stored at TitanBTC where it was created? Or if it was securely generated using a true random number generator?

I'm not sure if this is possible but what I would like to see is some kind of kit. E.g. a coin where I can inject my own private key and seal it with a secure hologram. (Similar to a paper wallet kit). But I guess it wouldn't be a TitanBTC anymore at that point. It would be a coin wallet.

Yeah I think I'd rather just have the private key under the hologram (optionally encrypted with a symmetric key when ordered).  Having to depend on your site still running in 10/20/50 years is kind of unacceptable - you can't predict whether you'll still be in business, and if you aren't for some reason, the coins would be worthless bitcoin-wise.  The symmetric keys that unlock each coin could be kept encrypted separate from the coins (like on mega.co.nz) by the user, so that any stolen coins would be useless. The only downside would be that the stored bitcoins would be unrecoverable if physically stolen.  Having an advanced option like this would entice me to buy these.  I hope you add something like this in the future!  Nice looking product!

Received email confirmation for my Titan Coin:
Ordered it the evening of October 14th.


Your Titan Bitcoin order #xxxx-xxxx-xxxx has shipped and should arrive in 2-3 days.

Email confirmation number:  xxx-xxx

IMPORTANT: As a security measure, Titan Bitcoins are shipped "un-funded".  The email confirmation number above is required in order to register your coins.  Simply follow the three steps below and the funds on your coin will be immediately available for redemption.

Step 1: Visit http://www.titanbtc.com/verify and type in your coin’s ID.  You can find the ID number directly below the bar code on the coin’s reverse.  Alternatively, scanning the coin’s bar code will take you directly to the coin’s ID page.
 
Step 2: Fill in the “Fund this Coin” registration form and click the “Submit” button.  You will need the email confirmation number found above, as well as the 10-digit delivery confirmation number that is printed on the packing slip included with your order.  When filling in the registration email and password fields, make sure you use an email address that you have access to.
 
Step 3:  Click on the confirmation link that was sent to your email.  You will be redirected to a “Registration Complete” page and your coin is now redeemable for bitcoins in your wallet at any time.  To learn more, visit http://www.titanbitcoin.com/.

Sure, China...
http://blogs.wsj.com/chinarealtime/2009/06/29/china-cracks-down-on-virtual-currency-for-real/
But not even there are either of the activities I listed illegal.

Tencent still distributes its own currency, QQcoin.  It is perfectly legal to do so, in China and everywhere else.
Its a pet peeve, I don't mean to derail your thread.  These phantom laws and imaginary government FUDs get annoying.  It is getting so that some people expect everything to be illegal.  When that happens, their respect for law tends to fail altogether because they can't tell the difference, and worse they have lost track of what ought to be illegal and what ought not be illegal and why.

I think he (or she) may be referring to the laws in some countries regarding creating virtual currencies that are exchanged for real goods.  I'm just guessing at the objection though.  China for example has limitations that were put in place after QQcoin became so popular there.  I seem to recall Germany having some regulations regarding companies/websites that offer digital credits that are redeemed for real goods.

Wopwop, if you could be more specific I'd be happy to do some more research.  I'm fortunate enough to have a lot of legal resources and counsel at my disposal.  If there are laws to the effect that you're suggesting, I think most physical bitcoin makers are going to be in violation since many governments are now recognizing bitcoin as currency.

In what country is it illegal to distribute privately minted precious metals containing writings?
and
In what country is it illegal to distribute your own currency?

Surely the 'TitanBTC' would just be considered as the manufacturer or brand name of a company producing circular rare metal pieces?

Making them redeemable is irrelevant. I could make a pound coin into a Bitcoin if I added a private key or a redeemable code to it. What then? By your logic the Dollar is now not real currency because its not redeemable against anything?

It's in no way a currency of its own because if you remove it's private key or redeemable code then its just a piece of rare metal, exchangeable for nada except its fiat monetary value. And it is no way centralized, because regardless how many coins TitanBTC offers he can not regulate the flow or change the price of Bitcoin or the market.. All he is doing is creating a new medium between consumer and market.

Do you have a specific legal precedent that you're concerned about on our behalf?  I think I'll have trouble addressing your concerns from a legal standpoint without some more particular detail.  I have discussed our model at length with representatives from FinCEN and we're working towards compliance as an MSB under the rules for a currency exchange.   

In regards to our 2-factor authentication and cold-storage, we're a service provider.  When you purchase a Titan Bitcoin, you are getting the BTC that goes with it.  It is stored on a single address until such time as the coin is redeemed, at which point the coin is transferred to the address of your choosing.  For those that don't want to take advantage of that service, we'll also be offering coins with the private keys included underneath the hologram shortly.

Feel free to PM me with questions.

Happy to explain data security.  We use Rackspace for hosting the front end of the website at the moment, with an edge server for DDOS protection in front.  Amazon Web Services is a backup.  The database servers where coin info is stored are encrypted 5 layers deep.  This is a system of encryption that was developed by researchers at MIT and decryption keys are issued based on access levels.  Access is granted to decrypt certain parts of the database in stages, as the client enters in protected information.  Root access info is not stored on the server in any form, so there isn't any way for someone to get the info from the database even if they have a complete copy of the server code and DB.

Besides that though, the private keys for these coins are in cold storage and are not kept on the servers.  Each coin basically has its own wallet.  

  

  

Your 'TitanBTC' are not BTC, they are TitanBTC. Your coins are 'redeemable in Bitcoin'. Just like US dollars used to be 'redeemable in gold'.

So your selfmade currency TitanBTC has little to do with bitcoin, except that they are redeemable to BTC at your private 'central bank'.

This isn't a currency exchange, this is a currency by its own. A centralized currency.

Ok wait so there is another party involved running the servers? What's to stop them from sweeping the database of information for redeeming the bitcoins?

Seems like too many hands in the cookie jar to me.

Or am I missing something?

Perhaps you should address how your system being run by another party is indeed secure.

I respect your opinion, but humbly disagree.  In regard to the legality, we're classified as a currency exchange according to U.S. law. 

If there were a governing body limiting the forms that bitcoin could take, then perhaps we might run afoul of that institution.

Fortunately, the bitcoin community isn't "big government".

Thanks Ninja!  We're pretty confident that we can keep the website open for many years, even if the company that runs it went under tomorrow.  We've got redundant server systems with prepaid hosting and some other tricks.  

With that being said, I totally agree that some people aren't going to be comfortable relying on our website being around.  For people that choose not to take us up on the 2-factor authentication service we're providing, we'll be rolling out coins with private keys included underneath the hologram next week.  These coins will work just like any other physical bitcoin (with all the same vulnerabilities) and we'll gently recommend that people don't resell them, but I'm happy to be flexible with what this community is looking for.

Sounds more like degeneration as its a centralized subcurrency of bitcoin

Not to mention it's illegal to distribute your own currency in most countries