I'd say we've got our hands full with the Cryptopia hack and the QuadrigaCX fiasco. Hopefully we don't see any other cases with big customer losses, but it seems to be that season. Liqui.io shut down recently too. I'm sure a lot of smaller altcoin exchanges have been decimated by now. It's anyone's guess who will go belly up or pull off an exit scam next.

That's what it looks like, and my gut instinct is that he was running a fractional reserve. However, we should keep in mind this theory is based on a couple days worth of internet sleuthing by random people. If a cold wallet existed, it wouldn't belong to the same WalletExplorer address cluster as the hot wallet.

The exchange's logs should be able to confirm one way or the other. The truth will come out eventually.

It's possible we're jumping to conclusions too quickly regarding the wallet analysis that's been doing the rounds. There definitely could have been cold wallet addresses that were never used on the network to spend outputs, and those wouldn't have been included in the WalletExplorer address grouping.

Okay, that's fair enough. If his body comes back to Canada and is positively identified as him, I'll admit it probably wasn't a scam. If it's truly like the court filings say, it's like somebody getting struck by lightning twice. Not impossible, but really unlikely.

I wouldn't compare the two either, but the recent bug in Core was far more serious. It was "theoretical" in the sense that all bugs that haven't been exploited yet are theoretical. Since you quoted theymos:


I encountered the Electrum attack. To be honest, it wasn't very convincing. It was a social engineering attack, not an actual vulnerability in the software. You would have had to open an external untrusted website, download the software, and also neglect to verify it. Plus, the malware only worked if you kept your Electrum keys online, which isn't necessary.

There's no reason to do it at the protocol level. Dead man's switches for Bitcoin inheritance have been a topic of discussion for years. Here's one interesting approach to the problem.

The simplest way to do it is to use nLockTime: Make a transaction that pays your inheritors in the future and reveal it to them, then periodically spend those coins before the timelock triggers (every 6 months or something). Rinse, repeat. When you die, the coins will finally be transferred to your inheritors.

I hate to seem insensitive, but I prefer the Duck test.  "If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck." This has all the markers of a scam.

The owner executed a will two weeks before his death! Then, faced with mounting unfulfilled withdrawal requests on his exchange, he skips off to India with all the private keys and just happens to die? All while leaving zero processes in place to properly run the company or guarantee customer deposits? Only scammers operate that way. There's nothing remotely normal or explainable about that scenario. This isn't negligence. It's malice.

When it's entities like the ICE and Fidelity and Citibank holding custody instead of lone exchange operators or Bitgo multisig, there will probably be fewer exit scams like this. However, there will still continue to be hacks and embezzlement attempts by insiders. One of these Wall Street custody solutions will eventually get compromised and that'll trigger a major controversy about the viability of Bitcoin securities and physically settled derivatives. I just wonder how big the market will be and how much will be in custody when that happens.

The attacker would obviously want to respend those outputs to addresses they control at the same time and try to confirm the double spends.

That's why the amount of hash rate an attacker controls matters so much. Just like selfish mining, the expected value is a matter of probability because Bitcoin's mining algorithm is based on a discrete probability distribution (a Poisson distribution). There's never a guarantee that any attack will work 100% of the time, but the important thing is that the higher an attacker's hash rate, the higher the chances of success. The bigger an entity is, the bigger their incentive to attack.

That's the closest we have to the OP's first idea ("frozen addresses"), yes. I'm pretty sure I've seen this use case suggested before, but it doesn't seem particularly useful as an anti-hacking mechanism. If your private keys are compromised, then once the timelock is ending you're still just racing the attacker to spend the outputs and hoping your transaction gets confirmed first.


You should use payment channels on Lightning then. Both counterparties need to sign a transactions before channel state can be updated. Otherwise, the last valid state can be broadcast to the blockchain.

Bitcoiners, nerds? Impossible!

It's not off topic because you would have needed access to significant mining power to reliably perform such an attack. Without hash rate, you couldn't guarantee winning bets will be confirmed and losing bets dropped. Any non-miner could have losing bets confirmed all day. A mining pool can withhold certain transactions (losing bets) from the blockchain while confirming others (winning bets). This creates expected value for the colluders.


The point is that miners with significant hash rates have incentives to act dishonestly. The worse mining concentration gets, the less Bitcoin's mining incentives work. Attacking 1-confirmation transactions would significantly increase the costs, but it doesn't destroy the double spend incentive. There just needs to be enough value worth stealing and enough hash rate at the attacker's disposal.

It's impossible to calculate. The order books listed on exchanges are fluid and only give you a glimpse of overall market liquidity. As the price rises, more coins will enter the order books and it'll take more money to keep pushing price up.

It's not just miners who will have to adapt. Users will need to adapt to paying higher fees. This is a really important part of Bitcoin's design. We can't guarantee endless transaction growth, so we need to depend on scarcity of block space to force fees higher.

As long as demand is strong enough for perpetually full blocks, I'm confident the mining incentive can still work after inflation is done. This is an even more important reason to retain the block size limit than node or miner centralization.

Haha, I don't mind the label myself.


Most people don't understand cryptography, economics, computer programming. They don't understand how Bitcoin works, and using it can be really complicated for novices. So naturally, Bitcoin seems like it's tailor-made for nerds from an outsider's perspective.

Thanks for sharing. Pending confirmation from other internet sleuths, this report looks pretty damning for QuadrigaCX, Gerald Cotten and possibly his wife. There is strong circumstantial evidence that they were running a fractional reserve, paying withdrawals with new deposits. That would explain the recent withdrawal delays and the apparently hasty need for Cotten to execute a will and die.

It looks like Quadriga was on the verge of a Gox-style ending:

Key word, might. It's also not clear what they mean by resuming operations -- it could just mean bringing the site up in limited capacity, allowing users to log in and see balances, etc. Right now, the site is still just a splash page. The letter from NZ Police suggests nothing about a speedy return of funds.

The article makes it sound like the police are preventing communication with their customers:

There were a few factors.

They were in the right place at the right time. At a time when Poloniex was shedding customers due to horrible lag, Binance offered a far superior trading engine. At a time when Bittrex was adding mandatory KYC, Binance let you withdraw $15,000+ a day with no documents.

Their rise was further reinforced by the BNB token's success. BNB benefited from the ICO bubble but also incentivized people to trade at Binance. It created a feedback loop.

I'll just leave this here:


Lots of fishy things going on here:

• Owner had sole control of cold storage keys (unheard of these days)
• Owner executed a will less than two weeks before he died
• Only evidence of owner's death is a supposed death certificate from India

I would echo this sentiment:

Could you give some examples? Laws, guidance from tax authorities, things like that?

Your Livecoin trading history is just a spreadsheet from a dodgy foreign company. It's not really "proof" of anything. It's not an official tax document, so I don't see why you're dwelling on it.


Maybe you should ask for very generic guidance from your tax authority. No reason to give them details, but just general guidance about what to do.


This still doesn't sound right. Maybe if you were more specific about where you live, this could be proven or disproven.


It sounds like you might be afraid of your own shadow.

The mixed coins are still your coins. You did nothing illicit. If you want to lose your private keys and donate the coins to the rest of us, feel free.


You might be waiting a while.