|
Before people throw good money after bad you may want to consider that bitfloor is the operating entity and Roman the owner and employee. Corporate shield is pretty tough in the US. You can file suit against bitfloor but that is only useful if you genuinely believe bitfloor has piles of cash and is simply not paying. A judgement against an insolvent company is nearly worthless. Liability doesn't pierce the corporate shield unless you can prove an overt act of fraud. Prove doesn't mean internet "we all know he did it", it means beyond a preponderance of evidence by the rules of evidence in a court of law.
|
|
|
|
|
People won't get negative interest on their checking account balances. Short term bonds may have negative interest rate. Still nominal interest rates are meaningless, what really matters is real (adjusted for inflation) interest rates and they have been solidly negative in many countries for some time now. Anyone in control of the kind of funds necessary to be affected already knows this. It makes a headline but they have been losing purchasing power on their cash for the better part of a decade now. I don't see it driving bitcoin adoption. It won't affect the Dane on the street and large corporations, banks, and other major holders of cash are holding billions of Krone. They couldn't move that kind of money into Bitcoin without massively driving up the exchange rate.
|
|
|
|
|
Yes. Today the protocol uses no encryption and static ports. It would be fairly trivial for an ISP to identify bitcoin data. Of course similar countermeasures like what are used for bittorent could be built into the protocol. In the meantime you could use a VPN connection (of course that just moves to point of listening) but you may trust your VPN provider more than your trust your ISP, or at least it is easier to pick another VPN provider than it is to pick another ISP.
|
|
|
|
auditing the balance of a wallet is a reasonable requirement, surely. Maybe but it doesn't address the attack you indicated in the OP which is my point. a watching-only wallet might be compromised in such a way that it gives out receiving addresses that are actually controlled by an attacker Even if you could accurately and easily verify the balance reported by a wallet is correct, you only have an assurance that you haven't lost coins yet. If that is your goal well you have succeeded. What is confusing is you describe a scenario (quoted above) and your solution doesn't give you any assurance that the attack scenario (addresses controlled by an attacker) isn't true. To say, you shouldn't care what your balance is as long as you can convince yourself that you haven't been the subject of the particular attacks you think likely is, well bizarre. That is a mischaracterization. Have fun. |
|
|
|
You don't but if you take the wallet file and compute the merkle hash on another computer you can be assured that is valid (unless the other computer is also compromised). Ok. But you're assuming the compromise was the wallet file rather than the wallet code. If the compromise was in the wallet code then analysing the wallet file on another computer isn't going to demonstrate anything. True. You would need to compare the addresses as shown by the hot wallet with the analyzed contents of the wallet file. It would catch any issues in either the wallet or client on the compromised machine. However upon further reflection that would be a rather painstaking, tedious, and error prone step. The addresses could be checked in realtime. The QR code of the "receiving address" could be scanned by a second system (like say a cellphone) which would verify the address is valid. This could be done by either BIP32 public seed or for random keys signing the all addresses with a private key only know by the cold wallet. Still I do admit this is rather clunky but I don't see another solution. |
|
|
|
I don't know about you - but I actually want to know how many coins I own. That is the sole requirement here. Really? So if right now I injected my addresses into your wallet but you haven't used them YET and thus your balance is correct but you are in imminent danger of losing coins in the future you would not want to know that? You only want a system which can tell you AFTER you have already had coins stolen (potentially an irreplaceable amount) that they are definitely gone? |
|
|
|
Quote from: DeathAndTaxes on Today at 04:54:02 PM
Who much data you you think is going to be needed to verify the "balance of every address" (technically no such thing exists it is the outputs of every transaction).
It is not every transaction. It might be a lot of transactions, but it is still a minority of transactions that are needed (i.e. the amount of data needed is considerably smaller than the entire blockchain) But it is every all transactions Your spendable "balance" is equal to the value of the unspent outputs of all the transactions which defined your key(s) in the output. How does your cold wallet know if an output is spent or not (without the blockchain)? Also since responding I realized even this is not complete as the compromised wallet could simply leave recent spends out of the list. But how do I know that the online computer didn't lie about the merkle hash? You don't but if you take the wallet file and compute the merkle hash on another computer you can be assured that is valid (unless the other computer is also compromised). |
|
|
|
Oh, simple.
Assume an attacker compromises the computer with my watching only wallet and arranges so that every time I asked for a new receiving address it actually displays addresses under the attacker's control. I then transfer coins to this address, intending to place them into cold storage; but unbenowst to me I'm actually paying them to the attacker. Then the actual concern is the hot wallet contains "foreign" addresses. As indicated above that can be verified without any knowledge of the blockchain or transaction history. Using a merkle tree the cold wallet could verify the SET of addresses in the hot wallet are accurate with a single hash (256 bits). In order to keep up this attack for as long as possible, it's in the attackers interests for the attacker to arrange for the watching only wallet to display the balance I think I should have, not the balance I actually have, so that I don't notice the attack. If this is a savings wallet which I never withdraw from, the attacker could keep this up for years. The compromised watching only wallet would display a balance that taliies with what I think I should have, but in reality the wallet is essentially empty because I never paid any coins into the real wallet.
This is called an x-y problem. The actual problem is to ensure the hot wallet doesn't contain any foreign addresses, you latched on to verifying the balances as the "way to do that". It is a far more complex problem and one that doesn't need to be solved in order to solve the real problem. http://meta.stackexchange.com/questions/66377/what-is-the-xy-problem |
|
|
|
There is no need to "fake the balance"
An attacker that compromised my online computer to give out incorrect addresses would probably want to fake the balance so that I didn't notice. Ok sensing an x-y problem here. The real threat you are worried about if the attacker adding his address to your online wallet so that you will accidentally use it (and lose funds). The cold wallet only needs the addresses nothing else to ensure this is correct. If you are worried, all you really have to do is make sure your online watching only wallet is giving you the correct public addresses.
And to be 100% sure, I have to retrospectively verify every address it's ever given out. Not entirely realistic. How much data you you think is going to be needed to verify the "balance of every address" (technically no such thing exists it is the outputs of every transaction). Still if you only verify the outputs then you won't detect the attack until AFTER you have lost funds. If you verify the hot wallet doesn't contain any foreign addresses you will (potentially) catch the attack before losing funds. Which seems to be a better solution. The naive solution is to dump all addresses from the hot wallet and send it to the cold wallet. The cold wallet scans the list looking for ones which it doesn't have the private key for. However there is no need to transfer all the addresses. Technically we just need to know the set of addresses in the hot wallet is accurate. A merkle tree of the addresses in the hot wallet as an example reduces the set of addresses to a single hash. The cold wallet can construct the same merkle tree and verify the hashes match. If they don't then the hot wallet contains addresses the cold wallet is unaware of (possible compromise). For obvious reasons this merkle tree would need to be computed on a different machine (if hot wallet client is compromised then you can't be sure anything it outputs is valid). |
|
|
|
What use is verifying the balance displayed is correct?
I don't understand that statement. I believe I have X coins in my offline wallet. But I only believe that because a (possibly compomised) online computer tells me that. In what way could it be anything other than useful to verify that I really do have the X coins I think I have? Lets look at it the other way. What use would there be for an attacker to fake your balance? How exactly would they accomplish that and why? |
|
|
|
What use is verifying the balance displayed is correct? Your own first posts indicates the possible threat is that an attacker includes the wrong address. The offline wallet can easily determine which addresses correspond to keys it controls. There is no need for the blockchain or balances. It would also be possible to get a reasonable degree of assurance in a trust-free manner, simply by having the offline system display the difficulty after the last block, which the user can verify is roughly correct. This is enough to prove that whoever constructed this chain expended work at least equivalent to the entire bitcoin network hashing at current speeds for several weeks over four days, which is still a pretty high bar to faking an audit. The entire network creates one block at current difficulty every 10 minutes. I am not sure where you got 4 days from. Maybe it would be better to state exactly what you are trying to prove and why. If you are just trying to prove the online wallet only contains your addresses then all you need is an export of those addresses. The cold wallet can instantly determine if there is an address in the hotwallet which it doesn't have the private key for. |
|
|
|
They hand you a $20, a $10, and a $5! Oh noes! Should you be concerned that the payment came from 3 wallets? A good analogy. |
|
|
|
I do not understand why this was moved to "Gambling"
I don't see how in any way this would be labeled gambling
Probably because there is no category labeled ponzi scam garbage. |
|
|
|
you're missing something here. When something appreciates, it's MARKET VALUE has increased. I can't just declare it to be more valuable.
A declared value is a requirement for selling additional stock. The new investors are putting in $30M. What does their $30M buy them? 50% of the company, 1% of the company, 99% of the company? Without some valuation for the company it becomes impossible to issue additional stock. A valuation is part of any offering. If investors buy in then they are getting 15.7% of the company in exchange for $30M in capital. As for the market deciding well that will happen. If the offering is successful then the market (investors buying shares) are agreeing with the valuation, if it isn't then they are indicating the valuation is too high. Either way it adds to price discovery. |
|
|
|
|
A good rule of thumb is to simply never click on links in emails for site which may be important. It is easy to be careless one time and not notice a misspelled url and it only takes one one mistake. So if you get an email like this (and ironically it is good advice) and even if you believe it is legit. Open a browser manually, go to bitcointalk, login as normal.
|
|
|
|
Is running Bitcoin Core wallet on a laptop fully synced to the network considered running a full node?
Yes. The Bitcoin Core running on any hardware and synced with the network is running a full node. If due to routing or firewall issues your node doesn't (or is unable to) accept inbound connections then you are not materially supporting the network. |
|
|
|
But we still need (or will need) a copy of the
blockchain in order to participate
as a node? or not?
It depends on what you mean by "a copy". To validation transactions, engage in mining, and support SPV clients you only need a pruned version of the blockchain. Today all "full nodes" keep more than just the pruned version. There are reasons that some people would want to keep the unpruned version of the blockchain and in order for new nodes to obtain that there has to be sufficient number of nodes which have a copy and accepting connections. The vocabulary will probably evolve to highlight this difference (full node vs archive node?) much like we identify the difference between full nodes and lite nodes today. If your requirements are even smaller than what a pruned version of the database can provide then you should be looking at SPV clients. They still provide better security than a "distributed node" and they only need to maintain a copy of the blockheaders locally. The headers will require less than 50 MB per year to store. They request the data necessary to validation a transaction in realtime and only for the transactions they are interested in. The data they receive from full nodes can be verified against the blockheaders to ensure they aren't being spoofed. |
|
|
|
ah! sorry, really silly moment! I've just realised the send funds data was still left in my multibit from the last transaction, luckily this was to my own exchange account! Sorry for wasting anyones time, but coins now received!  Great lesson to learn and luckily in your case the address you sent it to was credited to you. |
|
|
|
|
There is no such thing as "your send address". You sent bitcoins to someone elses address. Now you need to figure out who it is. They have your bitcoins. Your only option is to find them and ask for them back. If you can't then Bitcoin transactions are intentionally irreversible so you have lost them.
|
|
|
|
The $8,000 isn't income. You don't owe taxes on gross revenue, you owe taxes on income. In the example the miner has no income, he has a loss and thus no taxes are owed, not only are no taxes owed if the miner has other non mining income his loss from mining would offset that income. Even if the miner did have $8,000 in income (income = revenue - expenses) it wouldn't be $3,200 in taxes. Assumming he had no other income and was single it would be: $8,000 - $6,100 (standard deduction) = $1,900 * 10% = $190 in taxes. http://www.bankrate.com/finance/taxes/tax-brackets.aspxHow about people who don't understand the absolute basics of taxes, leave the taxes to their accountant or tax professional before they freak out? |
|
|
|
|
Show Posts
