Topic: Theymos: “Bitcoins Belonging to Satoshi Should Be Destroyed” - page 8. (Read 18507 times)

https://en.wikipedia.org/wiki/Post-quantum_cryptography

Agreed.

If any coin is simply destroyed or vanish. I would simply sell all my coins as soon as possible, as they are not safe after all.

No.  The private key and corresponding public key (a.k.a. your Bitcoin address) do not have to change at all.  Rather, if/when we change the DSA from ECDSA (which is QC vulnerable) to another DSA which is QC resistant then your wallet software will have to be changed to use the new DSA; that's all; nothing else.

If we don't change the DSA to one that is QC resistant then bad actors (with enough moxie) will be able to sign messages moving bitcoins they have no right to move.

Actually, this discussion is all about whether or not you should have to give up your current addresses.  Any new algorithm would require new addresses and new private keys.  Your existing private key and address could not be ported (for lack of a better word), and the discussion technically revolves around whether or not you have the right to keep using the pair even after it could be vulnerable to attack.

ETA: Since Theymos' suggestion technically has to do with the age of the input, one could argue that you could pay the coins forward to yourself in order to decrease the age and continue using the old keys and addresses, but that argument would be petty and stupid considering the fact that the subsequent exposure of a signature to move coins would most likely increase your vulnerability.  This is also a problem with arguments like "if someone proves they own them, they should be able to keep them" because said proof would likely increase vulnerability.

ETA2:  To be clear, I would agree with BurtW and jbreher here, but the primary purpose of this post was to clarify what the argument is actually about in terms more familiar to your concerns.

ETA3:  Also, there is no reason the new outputs can't continue to accept old inputs, the misguided suggestion is that they shouldn't after a certain point in time.

Oh.  Where is ECDSA https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm used in Bitcoin?  If that can be changed without me giving up my current private keys and Bitcoin addresses then this whole topic is noise.
Found it; https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm.  So, yeah, this topic is useless; move on.

No. Until it is conclusively shown that legitimate owner has zero interest in the coins, only he has the right to decide what's to be done with those coins.

I see your point, jbreher. But I cannot agree with it. It would make me the accomplice of thieves, their enabler, and an actor with malicious intent against all other bitcoin owners. That is where my moral principle leaves me. It is interesting that the same motives (concern for ownership rights) can lead to such opposite conclusions.

Fails as a hypothetical right there. What you're describing is the job of central banks. Bitcoin's defining quality is *not* having such an entity.

Both assumptions are unreasonable, making this hypothetical irrelevant. If we could show, with 100% certainty, that "coins have no worth to their owner anyway," there'd be no point to any of this. Starting with faulty premises has a very high chance of resulting in false conclusions.

That does not justify you stealing them before the other party can steal them.


Up until the very instant they are stolen, the owner has potential value. The exact instant some other actor might steal them is literally un-knowable. Ergo, at the instant you (either a single Bitcoin Overlord or the collective) steal them, it was at a point in time that the coins had potential value to the rightful owner.


I'm with with you so far....


...nope. Lost me. Wait - not 'lost me' - you are wrong. There is no dilution - those coins already existed. Their potential value may at any time up until the theft may be converted to actual value by the rightful owner.


The loss of confidence due to the ability to crack an obsolete format key pales in significance to the loss of confidence in bitcoin due to the manifest will for the collective to change the rules to invalidate keys.


Bullshit. It is never moral to steal, even though the objective be to prevent some other from stealing.


The law abiding suffer no loss. That other thief may gain, sure. But what of the rightful owner? Again, you have no means of determining exactly when that other thief will act. The management of the risk of such theft is solely the prerogative of the rightful coin owner.


Necessary yet insufficient.

If other people's property can be destroyed based on public consensus and fear-mongering, what is the purpose of having a de-centralised system?

Unless Theymos thinks there is a conspiracy behind Satoshi's cache of coins which is a potential Bitcoin kill switch ...

In this scenario, the coins have been abandoned. I think this sums up our conflict. I agree perfectly well with you that if (legitimate) ownership can be established, the coins should be left alone and that ownership absolutely should be respected.

I'm sensitive to accusations of lacking moral principle, so let me take one more stab at this. Let's say I'm the Grand Overlord of Bitcoin, with unilateral power to act, and I'm faced with this situation.

If I do nothing, the abandoned coins are stolen. But abandoned coins have no worth to their owner anyway, so the owner is not losing anything. The thieves gain, and all law-abiding bitcoin owners suffer from dilution of the market with the stolen coins and the loss of confidence in bitcoin. Outcome: failure of moral principle, as law-abiding people suffer, while lawbreakers gain.

If I do act to destroy the abandoned coins after trying to get everyone to move coins to the QC-resistant haven, the original owners lose them. But they had no value to the owners anyway, or they would have acted to retain the coins. By destroying the coins I prevent thieves from gaining, and safeguard the value of the coins held by all law-abiding bitcoin owners. Outcome: Moral principle against theft is upheld, as thieves are thwarted and law-abiding people have the value of their bitcoin maintained.

Obviously, this all hinges on the degree to which efforts are made to reach everyone and get them to take the necessary action. It would be a failure of moral principle to do less than the utmost in reaching out to everyone and accommodating them as well as possible in assisting them with acting to safeguard their coins. For this, the elements of time, maximum communication/broadcasting through all available venues, and clarity of the warning would be critical.

Worse. I crewed

Those coins belong to the owner. They do not belong to you and they do not belong to the collective. It is solely the owner's prerogative to manage the risk of theft. Your initiative to steal them is no more justified than the other thief you postulate.

Thank you for exposing yourself as totally bereft of any moral principles.

Incidentally, BurtW has already fully explained the real risk to overall network value, which is that people will not trust a network that has demonstrated the will to render private keys meaningless.

eta: apostrophe, spelling

Unless you've run a for-hire sound co, you have no idea how bad it can actually get.

Nope.

As I understood it, in the scenario Theymos outlined, QC technology has reached a point where it is apparent the existing bitcoin protocol WILL be compromised. So a hard fork is developed that will be QC-resistant. Everyone is asked to take action (moving coins in some fashion) into the new QC-resistant haven. Those who do not are leaving their coins where they will become vulnerable to theft using the new QC technology.

So the claim that "You have absolutely no way of knowing whether or not those coins are abandoned" is not accurate. Clearly they _are_ abandoned at this point, by the failure to take action to keep or safeguard the coins. You can't dump cash on a busy street, drive away, and still claim ownership in any meaningful sense.

By rejecting Theymos' suggestion, all you will be achieving is leaving some fraction of all bitcoins available for the first people with the QC technology to sweep up all the loose coins at will. You won't be saving them from evil devs. You will just be losing them to thieves. And then everyone else with bitcoin suffers as the market collapses from the shock of such stupidity in allowing this to happen.

That stuff clogging the windscreen? Yeah, that's vomit

Thanks. I'm sure I've got an ancient, already-dented SM58 around here somewhere...

I don't really know what to say about this sentence. It has a good point.
But I still feel like it shouldn't be done still. It is too early. I feel like Satoshi will move them one day.

Why would thieves be any more eager to dispose of those coins than the rightful owners? Because storing your wealth in BTC is unreasonable? Because BTC is not fungible? Because someone might come along and decide that the coins are stolen, and should be destroyed? 
If some or all of the coins were moved, how would you even know if it's due to theft (and not the rightful owners moving them)?