Pages:
Author

Topic: Theymos: “Bitcoins Belonging to Satoshi Should Be Destroyed” - page 8. (Read 18595 times)

full member
Activity: 152
Merit: 100
Worst idea ever.
Agreed.

If any coin is simply destroyed or vanish. I would simply sell all my coins as soon as possible, as they are not safe after all.
hero member
Activity: 709
Merit: 503
Point of information:  it is not the hashing algorithms that are QC vulnerable it is the ECCDSA that is vulnerable.  If/when QC becomes a reality we will have no trouble convincing a majority to move to a new DSA.  Deciding exactly which new DSA to move to may be an issue but after a lot of the standard drama that accompanies all decisions in Bitcoin, I believe a new DSA will be picked and we will move to it.  The hashing algorithms used can and will also be replaced/upgraded as needed (just not due to QC).
Oh.  Where is ECDSA https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm used in Bitcoin?  If that can be changed without me giving up my current private keys and Bitcoin addresses then this whole topic is noise.
Found it; https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm.  So, yeah, this topic useless; move on.
Actually, this discussion is all about whether or not you should have to give up your current addresses.  Any new algorithm would require new addresses and new private keys.  Your existing private key and address could not be ported (for lack of a better word), and the discussion technically revolves around whether or not you have the right to keep using the pair even after it could be vulnerable to attack.
No.  The private key and corresponding public key (a.k.a. your Bitcoin address) do not have to change at all.  Rather, if/when we change the DSA from ECDSA (which is QC vulnerable) to another DSA which is QC resistant then your wallet software will have to be changed to use the new DSA; that's all; nothing else.

If we don't change the DSA to one that is QC resistant then bad actors (with enough moxie) will be able to sign messages moving bitcoins they have no right to move.
hero member
Activity: 807
Merit: 500
Point of information:  it is not the hashing algorithms that are QC vulnerable it is the ECCDSA that is vulnerable.  If/when QC becomes a reality we will have no trouble convincing a majority to move to a new DSA.  Deciding exactly which new DSA to move to may be an issue but after a lot of the standard drama that accompanies all decisions in Bitcoin, I believe a new DSA will be picked and we will move to it.  The hashing algorithms used can and will also be replaced/upgraded as needed (just not due to QC).
Oh.  Where is ECDSA https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm used in Bitcoin?  If that can be changed without me giving up my current private keys and Bitcoin addresses then this whole topic is noise.
Found it; https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm.  So, yeah, this topic useless; move on.
Actually, this discussion is all about whether or not you should have to give up your current addresses.  Any new algorithm would require new addresses and new private keys.  Your existing private key and address could not be ported (for lack of a better word), and the discussion technically revolves around whether or not you have the right to keep using the pair even after it could be vulnerable to attack.

ETA: Since Theymos' suggestion technically has to do with the age of the input, one could argue that you could pay the coins forward to yourself in order to decrease the age and continue using the old keys and addresses, but that argument would be petty and stupid considering the fact that the subsequent exposure of a signature to move coins would most likely increase your vulnerability.  This is also a problem with arguments like "if someone proves they own them, they should be able to keep them" because said proof would likely increase vulnerability.

ETA2:  To be clear, I would agree with BurtW and jbreher here, but the primary purpose of this post was to clarify what the argument is actually about in terms more familiar to your concerns.

ETA3:  Also, there is no reason the new outputs can't continue to accept old inputs, the misguided suggestion is that they shouldn't after a certain point in time.
hero member
Activity: 709
Merit: 503
Point of information:  it is not the hashing algorithms that are QC vulnerable it is the ECCDSA that is vulnerable.  If/when QC becomes a reality we will have no trouble convincing a majority to move to a new DSA.  Deciding exactly which new DSA to move to may be an issue but after a lot of the standard drama that accompanies all decisions in Bitcoin, I believe a new DSA will be picked and we will move to it.  The hashing algorithms used can and will also be replaced/upgraded as needed (just not due to QC).
Oh.  Where is ECDSA https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm used in Bitcoin?  If that can be changed without me giving up my current private keys and Bitcoin addresses then this whole topic is noise.
Point of information:  it is not the hashing algorithms that are QC vulnerable it is the ECCDSA that is vulnerable.  If/when QC becomes a reality we will have no trouble convincing a majority to move to a new DSA.  Deciding exactly which new DSA to move to may be an issue but after a lot of the standard drama that accompanies all decisions in Bitcoin, I believe a new DSA will be picked and we will move to it.  The hashing algorithms used can and will also be replaced/upgraded as needed (just not due to QC).
Oh.  Where is ECDSA https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm used in Bitcoin?  If that can be changed without me giving up my current private keys and Bitcoin addresses then this whole topic is noise.
Found it; https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm.  So, yeah, this topic is useless; move on.
newbie
Activity: 56
Merit: 0
... I agree perfectly well with you that if (legitimate) ownership can be established, the coins should be left alone and that ownership absolutely should be respected.

No. Until it is conclusively shown that legitimate owner has zero interest in the coins, only he has the right to decide what's to be done with those coins.
legendary
Activity: 1708
Merit: 1036
I see your point, jbreher. But I cannot agree with it. It would make me the accomplice of thieves, their enabler, and an actor with malicious intent against all other bitcoin owners. That is where my moral principle leaves me. It is interesting that the same motives (concern for ownership rights) can lead to such opposite conclusions.
newbie
Activity: 56
Merit: 0
... Let's say I'm the Grand Overlord of Bitcoin, with unilateral power to act, and I'm faced with this situation.
Fails as a hypothetical right there. What you're describing is the job of central banks. Bitcoin's defining quality is *not* having such an entity.

Quote
If I do nothing, the abandoned coins are stolen. But abandoned coins have no worth to their owner anyway, so the owner is not losing anything.
Both assumptions are unreasonable, making this hypothetical irrelevant. If we could show, with 100% certainty, that "coins have no worth to their owner anyway," there'd be no point to any of this. Starting with faulty premises has a very high chance of resulting in false conclusions.
legendary
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight

Again, in case you are still blind to the moral principle, the only person who has a legitimate claim on managing the risk is the owner of the coins themselves. Any lesser standard is simply theft.

I'm sensitive to accusations of lacking moral principle, so let me take one more stab at this. Let's say I'm the Grand Overlord of Bitcoin, with unilateral power to act, and I'm faced with this situation.

If I do nothing, the abandoned coins are stolen.

That does not justify you stealing them before the other party can steal them.

Quote
But abandoned coins have no worth to their owner anyway, so the owner is not losing anything.

Up until the very instant they are stolen, the owner has potential value. The exact instant some other actor might steal them is literally un-knowable. Ergo, at the instant you (either a single Bitcoin Overlord or the collective) steal them, it was at a point in time that the coins had potential value to the rightful owner.

Quote
The thieves gain,

I'm with with you so far....

Quote
and all law-abiding bitcoin owners suffer from dilution of the market

...nope. Lost me. Wait - not 'lost me' - you are wrong. There is no dilution - those coins already existed. Their potential value may at any time up until the theft may be converted to actual value by the rightful owner.

Quote
with the stolen coins and the loss of confidence in bitcoin.

The loss of confidence due to the ability to crack an obsolete format key pales in significance to the loss of confidence in bitcoin due to the manifest will for the collective to change the rules to invalidate keys.

Quote
Outcome: failure of moral principle,

Bullshit. It is never moral to steal, even though the objective be to prevent some other from stealing.

Quote
as law-abiding people suffer, while lawbreakers gain.

The law abiding suffer no loss. That other thief may gain, sure. But what of the rightful owner? Again, you have no means of determining exactly when that other thief will act. The management of the risk of such theft is solely the prerogative of the rightful coin owner.

Quote
Obviously, this all hinges on the degree to which efforts are made to reach everyone and get them to take the necessary action. It would be a failure of moral principle to do less than the utmost in reaching out to everyone and accommodating them as well as possible in assisting them with acting to safeguard their coins. For this, the elements of time, maximum communication/broadcasting through all available venues, and clarity of the warning would be critical.

Necessary yet insufficient.
sr. member
Activity: 266
Merit: 250
If other people's property can be destroyed based on public consensus and fear-mongering, what is the purpose of having a de-centralised system?

Unless Theymos thinks there is a conspiracy behind Satoshi's cache of coins which is a potential Bitcoin kill switch ...
legendary
Activity: 1708
Merit: 1036
You will just be losing them to thieves.

Those coins belong to the owner. They do not belong to you and they do not belong to the collective. It is solely the owner's prerogative to manage the risk of theft. Your initiative to steal them is no more justified than the other thief you postulate.

Thank you for exposing yourself as totally bereft of any moral principles.

Incidentally, BurtW has already fully explained the real risk to overall network value, which is that people will not trust a network that has demonstrated the will to render private keys meaningless.

eta: apostrophe, spelling

In this scenario, the coins have been abandoned. I think this sums up our conflict. I agree perfectly well with you that if (legitimate) ownership can be established, the coins should be left alone and that ownership absolutely should be respected.
legendary
Activity: 1708
Merit: 1036

Again, in case you are still blind to the moral principle, the only person who has a legitimate claim on managing the risk is the owner of the coins themselves. Any lesser standard is simply theft.

I'm sensitive to accusations of lacking moral principle, so let me take one more stab at this. Let's say I'm the Grand Overlord of Bitcoin, with unilateral power to act, and I'm faced with this situation.

If I do nothing, the abandoned coins are stolen. But abandoned coins have no worth to their owner anyway, so the owner is not losing anything. The thieves gain, and all law-abiding bitcoin owners suffer from dilution of the market with the stolen coins and the loss of confidence in bitcoin. Outcome: failure of moral principle, as law-abiding people suffer, while lawbreakers gain.

If I do act to destroy the abandoned coins after trying to get everyone to move coins to the QC-resistant haven, the original owners lose them. But they had no value to the owners anyway, or they would have acted to retain the coins. By destroying the coins I prevent thieves from gaining, and safeguard the value of the coins held by all law-abiding bitcoin owners. Outcome: Moral principle against theft is upheld, as thieves are thwarted and law-abiding people have the value of their bitcoin maintained.

Obviously, this all hinges on the degree to which efforts are made to reach everyone and get them to take the necessary action. It would be a failure of moral principle to do less than the utmost in reaching out to everyone and accommodating them as well as possible in assisting them with acting to safeguard their coins. For this, the elements of time, maximum communication/broadcasting through all available venues, and clarity of the warning would be critical.
newbie
Activity: 56
Merit: 0
...
Thanks. I'm sure I've got an ancient, already-dented SM58 around here somewhere...
That stuff clogging the windscreen? Yeah, that's vomit Cheesy

Unless you've run a for-hire sound co, you have no idea how bad it can actually get.

Worse. I crewed Sad
legendary
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
You will just be losing them to thieves.

Those coins belong to the owner. They do not belong to you and they do not belong to the collective. It is solely the owner's prerogative to manage the risk of theft. Your initiative to steal them is no more justified than the other thief you postulate.

Thank you for exposing yourself as totally bereft of any moral principles.

Incidentally, BurtW has already fully explained the real risk to overall network value, which is that people will not trust a network that has demonstrated the will to render private keys meaningless.

eta: apostrophe, spelling
legendary
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
...
Thanks. I'm sure I've got an ancient, already-dented SM58 around here somewhere...
That stuff clogging the windscreen? Yeah, that's vomit Cheesy

Unless you've run a for-hire sound co, you have no idea how bad it can actually get.
legendary
Activity: 1708
Merit: 1036
But in the actual example, the only coins affected are those that have been for all practical purposes abandoned - and WILL be stolen.

Bull-fucking-shit. You ('you' being anyone or any group of people) have absolutely no way of knowing whether or not those coins are abandoned. You also have no way of knowing when or even if they will be stolen.

Again, in case you are still blind to the moral principle, the only person who has a legitimate claim on managing the risk is the owner of the coins themselves. Any lesser standard is simply theft.

If you have a mic, it needs to be dropped.

Nope.

As I understood it, in the scenario Theymos outlined, QC technology has reached a point where it is apparent the existing bitcoin protocol WILL be compromised. So a hard fork is developed that will be QC-resistant. Everyone is asked to take action (moving coins in some fashion) into the new QC-resistant haven. Those who do not are leaving their coins where they will become vulnerable to theft using the new QC technology.

So the claim that "You have absolutely no way of knowing whether or not those coins are abandoned" is not accurate. Clearly they _are_ abandoned at this point, by the failure to take action to keep or safeguard the coins. You can't dump cash on a busy street, drive away, and still claim ownership in any meaningful sense.

By rejecting Theymos' suggestion, all you will be achieving is leaving some fraction of all bitcoins available for the first people with the QC technology to sweep up all the loose coins at will. You won't be saving them from evil devs. You will just be losing them to thieves. And then everyone else with bitcoin suffers as the market collapses from the shock of such stupidity in allowing this to happen.

newbie
Activity: 56
Merit: 0
...
Thanks. I'm sure I've got an ancient, already-dented SM58 around here somewhere...

That stuff clogging the windscreen? Yeah, that's vomit Cheesy
legendary
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
But in the actual example, the only coins affected are those that have been for all practical purposes abandoned - and WILL be stolen.

Bull-fucking-shit. You ('you' being anyone or any group of people) have absolutely no way of knowing whether or not those coins are abandoned. You also have no way of knowing when or even if they will be stolen.

Again, in case you are still blind to the moral principle, the only person who has a legitimate claim on managing the risk is the owner of the coins themselves. Any lesser standard is simply theft.

If you have a mic, it needs to be dropped.

Thanks. I'm sure I've got an ancient, already-dented SM58 around here somewhere...
legendary
Activity: 2436
Merit: 1366
I don't really know what to say about this sentence. It has a good point.
But I still feel like it shouldn't be done still. It is too early. I feel like Satoshi will move them one day.
newbie
Activity: 56
Merit: 0
huge fraction of coins fall into the hands of thieves eager to dispose of them would be a neutral or transient event.

Why would thieves be any more eager to dispose of those coins than the rightful owners? Because storing your wealth in BTC is unreasonable? Because BTC is not fungible? Because someone might come along and decide that the coins are stolen, and should be destroyed? 
If some or all of the coins were moved, how would you even know if it's due to theft (and not the rightful owners moving them)?
Pages:
Jump to: