Bitcoin Forum

The recent hack of Binance which resulted into the loss of 7,000 Bitcoin valued approximately around $40 Million shocked and dismayed many people in the world of cryptocurrency all because we are assuming too much that as the leader Binance is employing the best security technology they can find but alas hackers are always one step ahead of the game.

Now, there is this talk about the "rollback" which can possibly reverse the 7,000 BTC transfer. This is considered to be conroversial since we don't know the possible consequences and there is the need to get the support of at least 51% of miners.

I think that it is really about time that the industry find an acceptable solution in case of a major hack as it can be frustrating to just watch the hacked Bitcoin moving from one address to another while you are helpless about it.

Binance pulled back and decided not to continue campaigning for it. Plus if anyone believes that it's a good idea to let miners roll back the hackers' transaction, then they are stupid.

I'd like to see them try a rollback... Even if you have 51% of the miners helping out, it's still allmost impossible.

If you have 51% of the hashrate, it's pretty easy to orphan the last couple of blocks by building a longer (more work), alternative blockchain... But at this point the "stealing"  transaction has 221!!! confirmations
(https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea)

This means that the last 221 blocks have to be re-created, and by the time these blocks have been re-mined, the 49% "leftover" miners will probably have mined an additional ~218 blocks... So the 51% of the miners have to re-mine those 218 blocks aswell... But by the time these blocks have been re-mined the 49% will have mined an additional ~215 blocks (so they still have the chain with the most work and the 51% have to catch up those ~215 blocks)... And so on, and so on...

Basically, even if you have 51% of the hashrate, it'll take months before your alternative chain (not including the thief's transaction) will be longer and have more work done than the chain including the thief's transaction... You'll basically invalidate 49% of the miner's blocks' and cause huge losses (not only for the miners, but also for other people that have valid transactions that are only included in the blocks mined by the 49%)... not a good situation...

I don't see an elegant sollution for this problem... This is the other side of immutability, once a transaction is confirmed, it's confirmed... You can talk all you want, but pulling off a succesfull rollback is allmost impossible.. Just imagine the cost of having to hire 51% of the miners for a couple of months, it'll be much higher than the $40.000.000 that have been stolen in the first place.

It's not happening,

https://twitter.com/cz_binance/status/1125996194734399488


It will just undermined blockchain, good to hear this kind of suggestions by those knowledgable minds but it won't work. Not even the genius mind of Tony Starks will actually go this far.  ;D

I remember the scene from Avengers where the Hulk explains that what happens in the past cannot be changed, and if it does, the future is somewhat ruined. If the rollback is done, imagine how much damage it could do to the whole bitcoin network just for the benefit of one network. It's a good thing they are no longrr vying for such action to be done because the complications can be so severe and the damage, irrepairable.

Thanks for your analysis on how a rollback will work and it effect on mining. This been said, since it will cost much more to hire 51% of miners, then it may as well be best to ignore the chase. Again, maybe they are looking at the future of bitcoin price as compared to the fund that is about to be spent in chasing this scammers so as to make it an orphan.

My question is this: Can't this transaction be followed and given a close monitor? Until it gets a point where they would want to discharge as in convert to fiat or spending, and authorities get to freeze the account? do you also think there is a future plan to arresting this hugly situation to ensure greater confidence in the future? Thanks a lot.

Yes and No.
Bitcoin is pseudo-anonymous. IF the hackers just keep on funding their own wallets on the bitcoin network, it's defenately possible to keep tracking untill they deposit funds on an exchange or a P2P marketplace and arrest them when they exchange their stolen funds for fiat.

HOWEVER... There are countless "tricks" that can be used to break the connection between 2 wallets. If you combine a couple of these tricks it becomes virtually impossible to keep tracking.

For example:

• The use of mixers
• Coinjoin
• Depositing and withdrawing from casino's
• Exchanging BTC to a privacy coin (like monero), moving the funds around a bit, then exchaning back

They already said its not gonna happen. Just imagine if one company has the power to initiate a rollback of the bitcoin chain. The reputation of Bitcoin would be gone forever. It was ok to think about it, as cz has already said he didn't know before that it could be possible... ;D

And it was good to discard the idea so fast...^^

Tracking the transactions is only possible if the hackers move the found to another wallet either in bits or whole, but once the employed other techniques then it impossible cause there are so many ways to move the stollen bitcoin under the Capet without tracing. The hackers are not fools to send the money to an exchange where they can easily be court tether they will use other features just as you have mention.

there is no "talk" and there has never been any "talk" of a rollback. all there was, was a tweet of someone who lost his mind after losing a huge amount of money (40 million dollars) and was trying anything to get that back and since his understanding of how a decentralized network of bitcoin works is minimal he is bound to make stupid statements like this tweet of his.

Rollback would have been possible by a hard fork, under the condition of the consent of almost all miners.
Then it would create a new cryptocurrency and a "Bitcoin classic".
Fortunately, it is not likely to happen.

i think it's fascinating to consider how the different scenarios might play out. in fact, i'd love to see a rollback attempted since it would apparently push so many peoples' buttons. :D

bitcoin is amoral and permissionless. miners and other economic actors don't need our permission to do something like this. are users going to fork every time miners do something compatible with the protocol that they don't like? that's quite inefficient. i wonder.


what about with 70% of the hash rate? or 90%?

ethereum network tried that once before but they failed hardly, (search DAO)
this situation is just $40m and surely no miner will try that but if it happens on a $4b fund most miners and maybe all miners may accept the bribe to help the roallback and make other suffer

$4 billion? No hacking group has ever managed to steal that much at once and the increasing security measures will make sure that no such thing will happen in the future.

Coming to the main topic, a rollback would complicate things in an insane manner which is why I don't support it. Every action has an equal and opposite reaction which is why it would probably cause more damage than intended.

it is not so much about having a huge hashrate and the ability to perform such an act but the fact that this is going to create a different fork which the network is never going to agree to follow because it will kill bitcoin and turn it into a shitcoin like ethereum in one action and nobody supports that.

It is funny how you compared this to the time traveling which happened in end game. Meme worthy stuff! :D
But in honesty a rollback would be a bad move on their part because when tragedy strikes they want to do it again.
It will be viewed as a huge eraser by these exchanges to do as they will. And we dont know what bad effects this will have on the blockchain.
It might very well be the breaker of chain(s).
So to speak. :(

chuckle :D

He can do Rollback, fork whatever with his shitcoin BNB, One cannot do Rollback on Bitcoin - The longest running chain. By talking about doing Bitcoin Rollback, CZ is embarrassing himself lol.

I disagree with the idea of implementing this Rollback. Once completely against the feature of instability! There have been about 100 blocks since the hack problem. And it doesn't feel right to get all this transaction back. Moreover, those who have a lot of money in the crypto world. And no one knows they won't make it a habit.

Thousands of people were being victimized in the event of Mt.GOX, or before, and no one was interested in Rollback? But when it comes to CZ and its precious exchange, we talk about it. CZ says that they are trying to be the best in every speech, making breakthrough in every field. CZ should not forget that the first thing you need to do is to secure the Binance platform and the money there!

The most important thing we need to protect for Bitcoin is that we have to be decentralized. CZ, Ver or any person should not have this power.

Have people forgot already what happens when you rollback? You make yourself look bad for everyone, you make the mockery of the blockchain ideals, which is permanence and immutability,,, hacks are meant to teach people a lesson, so please, learn your lesson. Do not think the community and miners will feel pity for you and rollback just because you were careless with security!

Am I the only one who's pissed that they even suggested this?
I mean, the audacity they have to even make a suggestion like that prompted me to instantly delete my account at Binance.


Source: https://www.coindesk.com/binance-may-consider-bitcoin-rollback-following-40-million-hack

It may have some negative consequences, yeah right. That's going over it pretty lightly to say the least...
That just shows to me that they have way too much power.

The talk has happened yesterday and the idea was abandoned.

Only somebody with insufficient knowledge of Bitcoin could come up with such ideas. OK, Binance has its connections, but it was proven to not be enough to pull a 51% / fork. Luckily. Because it would have been costly and would have done more harm than benefit even to Binance. And why? As somebody else said, 7000BTC is probably peanuts for Binance, maybe there are other such transactions too they didn't disclose? I hope not.

All markets should upgrade their security first.if binance or anothet market try to rollback, it cause serious trust problem to crypto which they dont want in the first place

I agree there are countless of ways to launder the funds. But there will be huge hurdles for them.

The bitcoin is being tracked in real time.

Any large amounts are hard to exchange without KYC and depositing a large amount of hacked funds on a mixing service or casino will draw massive attention on the mixing service or casino. It may also attract attention of law enforcement who will go after the service as well as the hacker (Like with BTCe).

Exchanging large amounts into other crypto will also draw attention to the hackers. Since it cannot be exchanged on exchanges that require KYC or that might seize the stolen funds there will be limited places where it can be discreetly exchanged. This is where any volume will give it away. There are not many places where you can exchange 40 million without being noticed.

It is more likely that the hacker will patiently sit on the funds and not withdraw it for years.

The only solution to prevent the major hack is by making high-level security in every exchange, and they need always to watch the suspicious activity that might happen in the exchange.
Besides that, they need to stay alert from the attacking that always comes to them as the big exchange because they are a good target to be attacked.
They need to build a team to handle the security on their website, so they will know if something not right is happen.
There a lot of things that they need to fix related to the security for their website and it's not easy but I am sure that binance will handle with care.

There's a big chance you're right and the thieves do not exchange the stolen funds for fiat for many years... That being said, i'm pretty sure i'd be able to completely "wash" 7000 BTC if i'd had a couple of months and was allowed to "lose" 10-20% on various fees. It's basically a matter of splitting up those huge outputs in smaller chunks, then wash them by using multiple different techniques and services on each of those chunks whilst always using a combination of privacy techniques to make sure you never get your real ip or other digital fingerprint recorded on any of the services you use to "clean" your illgotten gains.

I do realise you'd really have to have a welldrawn plan in order to make the washing seem completely random so nobody can just start analysing the blockchain and pinpoint you... And if you do slipup you'll probably end up in jail... But i don't think it's impossible if you keep your focus and know what you're doing.

Disclaimer: Eventough i'm pretty sure i'd be able to do this, i'm not offering my services to anybody... If you contact me to help you clean stolen funds, i'll probably report you to the authorities...

It's fortunate that the reality-check sunk in pretty quickly, so they only looked foolish for a short period of time.  I don't know why they briefly thought highly enough of themselves to entertain the absurd notion than anyone else would carry the burden of tidying up their mess for them.  I can't even begin to imagine a situation where the majority of users in a decentralised crytocurrency would willingly sacrifice the immutability of their blockchain to rescue a centralised company who dropped the ball.

I don't think many would agree with this. If we do a roll-back, then every legit transaction will be invalidated as well, not just the 7K hacked bitcoin.
ETH did this back then when DAO was hacked and looked at what happened. Remember MTGox? Bitcoin didn't roll-back back then and neither this time.

i got pissed at first but then it only makes me chuckle because when i read their statements about the "roll back" and the way they talk about it, it is clear that they have big delusions about their power over bitcoin :D
it seems like they think just because they run a centralized altcoin exchange with big volume it means they have a "button" which they can push and change the course of bitcoin as they like... lol

No doubt it would have created a clean fork, chain split in two. Between the two camps, the immutable absolutist and the naive realists.

Exactly how it unfolded for ETH and ETC. They must have forgotten the damage that fork caused to ETH. They lost a good chunk of the community there and gave up a core philosophy.

the majority of users would have nothing to do with it. it wouldn't have been a fork, just a block reorg. it's two valid branches, one of which gets orphaned. it would have only been between binance and the miners because the only way to incentive miners would be to donate some/most of the hacked coins to them. users wouldn't have been affected and in fact, miners don't need user permission to reorg the chain because it's compatible with the protocol. it's literally how bitcoin works. this is purely a matter of miner financial incentives.

bitcoin is not immutable. that has nothing to do with forks or users. it has to do with miners and it's the reason why we don't consider transactions with low/no confirmations secure.

people keep comparing this idea to the DAO fork but that analogy is horribly inaccurate. a lot of reactions i'm seeing show that many people don't understand bitcoin and how its incentives were designed to work. bitcoin is not here to bow to anyone's misguided views about what bitcoin should be. bitcoin is amoral. bitcoin is permissionless. bitcoin is. people need to stop thrusting their bullshit morality on free markets. it's obvious that a lot of people don't like how bitcoin works because the proposed reorg would have been 100% compatible with the protocol.


i don't think CZ said anything like that at all. there was no button to push, just up to 7k BTC to offer miners if a strong majority were willing to reorg the chain.

i read the threads and watched the AMA and i think people are being too hard on CZ out of ignorance. a bitcoin dev (jeremy rubin) and some others suggested the idea, CZ was totally ignorant about it like it had never crossed his mind, and then he made the horrible, tragic, unforgivable mistake of publicly mentioning that there was a discussion about it.

people in this space are like angry mobs with torches and pitchforks......

I am glad that binance didnt pursue rollback, otherwise it will have a bad remarks in blockchain technology.

But i think, the safe  thing to do now is for people to make sure they store their assets in their own wallet or cold storage.

It seems to me, however, that the miners would be able to comprehend that consent to such a reorg would mean only a narrow peak on their income charts, followed by a vast depression.

Some of the miners and practically the entire developer community would not have decided to mine from the orphaned chain after such incident and develop that currency further?
The previous chain would have been without developers and would quickly become incompatible.

It might end up chugging reasonably eventually. In the meantime the entire space would tear itself to shreds.



Summary from Peter Wuille here on how it might play out.

https://bitcoin.stackexchange.com/questions/87652/51-attack-apparently-very-easy-refering-to-czs-rollback-btc-chain-how-t/87655#87655

I think the incredulity is more to do with someone in that position entertaining an idea that almost anyone else would quash without voicing. It speaks of either - lack of education, stupidity or hubris. After this I hope his power dwindles rather than grows more than ever.  

This is an interesting one. I was a bit confused when the roll back suggestions was made due to some of the great points listed here. And I thought bitcoin was alot vulnerable if transaction was that easy to rollback.
 
The most satisfying part of your points is that it will cost more than was lost to do the roll back...
Do you think a roll back would be reasonable or would be an option if the lost amount was very large, like a billion dollar?  And what if people who are affected by the roll back are compensated from the recovered fund?

Not the only bitcoin will possibly do the rollback in case but with the entire marker as well. But we never think that we experience rollback after this short pumps instead, we positively are thinking that it will continue to rise until the end of this year.

Yeah, it really gives me hope and could be possible though.

Hacking incident from the most popular exchange is very shocking from the crypto ethusiasm, we don't expect binamce become victim of hackers. Users believe that the security of binance is very strong but of course if the hackes want to attract  they make possible ways how to success the plan.
The good news here is even the bad side news because of binance hack issue bitcoin until now continue to goes uptrend in the market cap.

Bitcoin rollback. Hah! What do you think this is, Ethereum?

What you've think of?
OP is just specifying of what will happen after the hacking scenario to Binance exchanges but it doesn't give a huge strike of falls instead, it make an opposite direction into moving high. As we usually think that this will make a huge drop down of prices and sadly, it never had.

This whole deal makes me sick...

1. Why consider a 51% mining exploit to "FIX" a problem? That sounds retarded.

2. Why consider a 51% mining exploit to "Save" $40Mill from a $100Billion market? thats 0.004% - Dafuq?

Seems like Binance thinks they control the market. Like there shit don't stink like shit. I'd rather see Binance collapse than to see the Bitcoin realm bow down to them like they are some God.

Binance F*cked up. It's that simple. When you F*ck up - You pay the Price. That price today is $40Mill. And seeing how successful Binance is, I'm sure Nobody will be starving or Dying...

In fact - I'm sure Binance is still rolling around in stacks of Cash. Completely Pathetic they would even suggest this.

Security bridge can not be eliminated but proper measure should be put in place so that the risk is minimal. Even though many exchange platform tap their security system idea from binance, the recent hack has shown that no exchange is totally secure. Almost every year, bad news regarding exchange hacking is being witnessed. I could remember last year binance also witness minor security threat. when an hacker deliberately inflate the price of a token listed on the exchange platform. One of the best means through which security bridge can be minimized is by carrying out security auditing regularly. I do not want to believe the hacker or hackers achieved this in one day but constant monitoring and testing of exploit on binance server.

Well i was a bit worried about bitcoin roll back and also some person who make videos on YouTube on my country about crypto, said if roll back happen that could somehow affect the credibility and make the things and price not go how should go.

If it's to someone's advantage then they'll try it. The thing that balances it out is that it's to every single other person's humongous disadvantage to permit it to happen. So they won't.

That's how it's always worked and always will which points to Mr. Binance being fucking dim or embarrassingly uninformed.  

I think we can all agree that users wouldn't fork to roll back the chain. That would never happen and it wasn't the issue here.

The issue is this: What would users do if miners orphaned the chain with the "hack" transaction and kept all other transactions intact on a parallel branch? This isn't a fork and node operators have no power to stop it since both chains are valid.

The only way users could reverse such a block reorg is by hard forking to roll back the chain and then hard-coding the "hack" transaction into the fork. Wouldn't that be the ultimate irony?

Well... everybody is saying that IF the miners would try to do a re-org, nobody would be able to stop them.

However, there is always the possiblity of adding a checkpoint.
If most full nodes (including all mining nodes that weren't payed off by binance) would add a checkpoint
( 575955, uint256("0x0000000000000000001e43f03c821f0d95d0ea8a2f09bf9e1a53deba0e34eb18")) they would not accept the "new" chain (the chain not including the thief's transaction).

I'm pretty sure that if 75% of the nodes would add this checkpoint, the discussion about a reorg would stop right away... The beauty is that this could be done at any moment. The downside is that you have to find a way to convince 75% of the full nodes to add the checkpoint to begin with (that being said, a checkpoint can be added to older versions of core aswell, people would not need to upgrade their existing nodes, just add a checkpoint and recompile)

If miners will do agree on rolling back that transaction this would be a big problem for the community because we all know huge numbers of people are getting scammed online using bitcoin if miners wll do a rollback because of hacking people will protest to rollback others scam transaction too then blockchain will have like what paypal have called "dispute"

Actually there could be a way to cash out without being detected.

The whole point of the blockchain is that all transactions are registered on the ledger. This was fine on paper until the blockchain became hundred of gigabytes long.

The question arose: do we Really need to engrave on the blockchain a transaction where someone buys an online game for BTC?

The idea became that only important transactions get registered on the blockchain. You can still register all your transactions on the blockchain but you will have to pay the fee.

For all other transactions, only the final outcome after all loose change is traded is registered: this happens on the lightning network.

over a significant time, the thief can "launder" the money .