Topic: Why doesn't bitcoin have a "freeze" function? - page 2. (Read 1645 times)

Ever heard of credit card skimming? It captures the info on the magnetic strip and steals the credit card number and the CVV code. A camera records you as you enter your PIN code. I read a story a few years ago about a guy who worked at a gas station who was skimming the cards of some of the customers. He would first give them a fake lookalike device to swipe their card and enter their PIN. After that he would say, crap the device isn't working. Please try this one. He would then connect the real one and have them pay what they owed. There are ways to do it.

That's unimportant at this point. We aren't discussing potential punishments. 

Bitcoin isn't insured by the US government or anyone else either. Do you trust and use it?

that's easy to say but i don't know of any bitcoin service like that. unless my deposits are insured with them by the united states government then i can't really trust it. sorry.

OP, you want a “freeze feature” that works as closely like that to your credit/debit card account issued by your bank? Find a Bitcoin service that holds your all your keys for you, that also has developed as nice UI/UX. Bitcoin might not be user-friendly, but it works as intended and has always upheld it’s main value proposition.

Because there is something people carry around that lets them spend their bitcoin. It's called their smart phone. lose that and you might lose your bitcoin!



Well what if I said I wanted a way to "freeze" some bitcoin so that it can't be spent until a particular time in the future, at which point it would become "unfrozen", but if I wanted to, I could "refreeze" it. Would that also mean I didn't understand how bitcoin works? Why do I need to be able to specify for exactly how long I want it frozen for? What if I don't know exactly how long??

Yeah most wallets are not working that way though. all the pin/password does it secure the wallet ON THAT DEVICE. doesn't stop someone from importing the seed onto some other device and using a brand new password...you use core??

Without the password, a copy of a core wallet using a password is useless.
It does not give you access to unencrypted data, the password is part of the decryption of that data.

You don't need to create password with 5K character long, you just need password which easy to remember and hard to brute-forced.


Source: https://xkcd.com/936

Yeah but there's no way you are going to get the CVV number and expiration date. You might be able to get the numbers of the card but I'm not even sure about that. Some credit cards don't display the entire account # on your online account for that exact security reason!


You're confusing two very different things. You can't clone my credit card. It would take alot more than "a little bit of research". Plus, you could very well end up in jail if you weren't careful.  In addition, the PIN/password of a crypto wallet doesn't stop even yourself from cloning the wallet somewhere else with a new PIN/password of your own choosing. That's what people don't understand. They think they understand but they really dont.

Yes exactly. Which was my point. Larry doesn't understand that there is no equivalently low barrier to using funds in bitcoin like getting someone's credit card number. We walk around with our credit cards with all the numbers on the card. That's a low level of security to stop someone from using your credit card, so a freeze function in the bank account is useful. But the freeze function is only useful if you keep your account credentials safe.

In Bitcoin we don't carry around a card that lets us spend our bitcoin, their is only the higher account-level security - the thing you absolute must keep private. So it makes no sense to say there needs to be a freeze function in bitcoin, that'd be like saying you need a second freeze function in your bank account that freezes someone from even accesses the account itself, but then you'd need yet another "higher" account to freeze and unfreeze your account, and you'd still end up with the same solution of keeping your higher account credential private to keep someone from being able to unfreeze your lower account and unfreeze your funds. it's just infinite regress.

What it comes down to is in any system you have to keep SOMETHING private. With banks you need to try to keep your credit card info private but you also carry that info around in your wallet and type it into websites all the time so it's not that private, but you absolutely must keep your bank login credentials private, because a "freeze" function means nothing if that's not private. In bitcoin there is no credit card number that allows someone to spend your money, it's all in the private key that you must keep private, so it is the bank equivalent to your funds ALWAYS being frozen until you decide to do spend. A freeze function in bitcoin is nonsensical, as I already explained in my previous comment that is being quoted by Larry. Your private key security IS the freeze in Bitcoin.

To say Bitcoin needs a "freeze" function is to say you don't understand how Bitcoin works, Larry.

I don't need the card. I just need the numbers on it, the CVV number, and its expiration date and I can shop with it online. With a little bit of research, I could also replicate those numbers on a blank card with a piece of hardware and withdraw money from ATMs as well if I unfreeze it or if it already is unfrozen.

So you consider your credit card the first level of security and your online banking account the 2nd level? OK. In that case, why is your hardware or software wallet (protected with a PIN or password) not the first level of security, and your private keys or seed phrase not the 2FA? If you don't consider that to be optimal, you can introduce a passphrase or multisignature setup like mentioned above.

Well obviously the 2nd factor is the physical card itself! I didn't think that was necessary to explain but I guess it is. You're not going to be able to use the card if you don't have it. It's just that simple.

You just explained how your bank protects someone from using you credit card. The fact that your card is "frozen" provides no security whatsoever if someone knows how to access your online banking account. If I have your login data, I can unfreeze the card with the click of a button. Where is the second factor authentification for freezing and unfreezing if it can be done with the same password and account?

I believe it’s your comparison that’s bad. You merely think in terms of Bitcoin as a “UI” without understanding the protocol running behind it. You may think the freeze feature of your credit card is “amazing tech”, but your bank can freeze your ability to use the system anytime, and without your permission. It’s truly a laughable comparison.

Again, with your idea above there is no 2nd factor that is required to be able to spend from the private key if someone happens to know it. I appreciate that you think the way you generated the private key was clever, maybe it was but in the end, it's just a private key.


Well I'm not so sure I can agree that people are bad at generating strong passwords. Am I limited to the password's length? Can I make it 5000 characters long?

If you don't want to use multisig, you can just encrypt your private key with another private key, in this way you will still have single key that can be frozen/unfrozen (or rather encrypted/decrypted). Using a password is also possible, but less safe, because people are bad at generating strong passwords, that's why we use keys instead of passwords in the first place.

Also, you can encrypt signed transaction instead of encrypting your private key, in this way you can add some limits and restrict where funds can be sent after unlocking or how many coins could be sent somewhere, then you can never touch your private key as long as you don't want to change such conditions.

Yeah but he said "You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen." That's a bad comparison too because just keeping something "hidden" doesn't mean it's "frozen". If someone finds it, that would automatically "unfreeze" it without needing a 2nd factor.

Bad comparison.

Security through obscurity is hiding 'how' something works, and thus not secure in the true definition of the word, since it can usually be reverse engineered.

Security with a private key is security by definition - as long as the private key is complex enough to make a brute force attack pointless.

Security through obscurity (or security by obscurity) is the reliance in security engineering on design or implementation secrecy as the main method of providing security to a system or component

Here's the answer the OP is looking for:

So OP is saying he can freeze his account so nobody with his credit card info can spend it. BUT, he can unfreeze it by logging into his account and clicking a button. If someone got his account credentials then they could just unfreeze it themselves. In Bitcoin the private key corresponds to both account credentials and credit card number. Just as if he gave away his bank login credentials an attacker could do whatever they want with his funds, in Bitcoin if he gave away his private key the same thing would happen. There's no private info that allows spending but doesn't allow account control, like with credit cards, it's all just simplified to a single key you need to keep private. So there is no "freeze" option in bitcoin because there is no lower barrier to spending the funds like just getting your credit card info, so a freeze option isn't needed and doesn't even make sense. You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen.

Isn't it a little idiotic to compare those two just because the bank and you with your keys must handle the security of your money? I find the phrase “Be your own bank” a little misleading; maybe “Be your own sovereign” would be more proper.

In contrast with your node:

• A bank is a business. The bank does what it does, to earn money, to be maintained. You run your node (mostly) for personal reasons; you don't buy Bitcoins cheaper and sell them higher, as a bank would do, but rather use it as a wallet, so you can transact money with it.
• The bank has to play with the government's rules. But, you shouldn't fault the bank for freezing accounts to supposedly protect the society from money laundering. That's a government's command.