Does this exist? Bonding for sellers of goods that generate private keys.

[FLHippy]

Someone asked me a very good question today about the unfunded notes I am selling (see my sig) ...

They asked "what is to prevent you from keeping copies of the private keys"

My only response is.. I'm not that type of person, I destroy the keys immediately after printing...

Lawn mowers are bonded... construction workers are bonded... I was even bonded at a job I held once.

So I ask, is there a bonding service for people like me who are selling something which initially has no value but is intended to have an unknown value?

Is there a trusted bondsman for someone like me?

[1714902023]

1714902023

[1714902023]

1714902023

[BitcoinKeys]

How much you charge for those things? I might be into buying a good amount at a time to sell on my website.

[FLHippy]

How much you charge for those things? I might be into buying a good amount at a time to sell on my website.

1.5 BTC for 10 with vanity addresses.

If you want them in bulk, I would be happy to oblige. Please PM me for details. I will sell you any QTY.

[casascius]

I have been considering doing 2 factor pieces to cut down on this risk.

The way I see it, it is a risk that goes both ways. If someone claims I have scammed them, and makes noise about it, it is just as much a reputational risk as though I really had.  Of course, they would have to have an intact piece to support their claim, making it much more difficult and hardly worth doing for 1 or 5 or 10 BTC.

But if it is a piece meant for holding unlimited savings, I run the risk that someone loads 10000+ BTC on it and then uses sophisticated/expensive means to attack the piece to somehow get the private key while keeping it appearing untampered.  They steal their "own" BTC and then claim issuer theft. In that case, having made a 2 factor piece would protect me the issuer as much as it would protect the buyer.

[FLHippy]

Casascius,

   I will certainly follow your lead on this and if there is anything I can do to assist please let me know.

I assume you have had no problems to date?

[casascius]

No problems. Have wanted to do this for a while but tools have not existed.  If someone has a 2 factor coin but can't easily redeem it, it's of limited usefulness.

Now they sort of exist, for the purpose of outsourcing vanity generation.  I am hoping I can talk someone into improving the Vanity Wallet tab on bitaddress.org to become the calculator I would need others to have available in order to generate their keypart and redeem the two factor pieces. I have posted a bounty in the relevant thread.

[MPOE-PR]

This is the same old problem of insurance. You can't be bonded because you're not worth anything so the bondsman doesn't have what to hold over your head, and because you do not belong to a statistical class so that the bondsman could evaluate the costs and risks sanely.

[casascius]

This is the same old problem of insurance. You can't be bonded because you're not worth anything so the bondsman doesn't have what to hold over your head, and because you do not belong to a statistical class so that the bondsman could evaluate the costs and risks sanely.

Well, the assumption that I or anyone else is "not worth anything" is pretty presumptuous. And yes, I understand you mean "anything substantial", and it's still presumptuous.

The real problem is that so few people in the world understand BTC, that no insurer is going to be comfortable with the risk not knowing how to evaluate it. If I needed a bond because I'm going to be handling lots of USD, I would have no problem getting it.

[FLHippy]

I run the risk that someone loads 10000+ BTC on it and then uses sophisticated/expensive means to attack the piece to somehow get the private key while keeping it appearing untampered. 

Just a FYI, At this year's defcon conference (and previous ones) they had a room with all kinds of tamper evident devices and prizes for defeating the devices.

I believe every device was defeated with low-tech methods. Most of them that were plastic simply involved warm water.

I think a paper note might be less susceptible to some of the methods used though.

I have tried and tried and tried to remove a sticker from my notes without evidence. No luck.

[casascius]

I run the risk that someone loads 10000+ BTC on it and then uses sophisticated/expensive means to attack the piece to somehow get the private key while keeping it appearing untampered.  

Just a FYI, At this year's defcon conference (and previous ones) they had a room with all kinds of tamper evident devices and prizes for defeating the devices.

I believe every device was defeated with low-tech methods. Most of them that were plastic simply involved warm water.

I think a paper note might be less susceptible to some of the methods used though.

I have tried and tried and tried to remove a sticker from my notes without evidence. No luck.

I thought the same thing, given that I have attended DefCon every year for the past several years and am amazed that even as sophisticated as tamper evidence gets, there's always somebody out there somewhere who knows how to crack it.

Someone with 10000 BTC to throw at a potential scam would be in a budgetary position to imitate my hologram from scratch, regardless of whatever could be done to compromise it without being detected.

Meanwhile, if I could produce a good legitimate 2-factor key product, complete with engraved bitcoin address and all, I anticipate a possibility that it might attract the interest of financial professionals wanting to store bitcoin, such as officers of corporations or asset managers.  It would be a credible and safe way to store bitcoins without having to trust anybody but the person in possession of it, and to the right audience, would be well worth the $35+ I'd have to charge per piece to make it worthwhile, given that each piece would be custom.

[casascius]

It's 1:30 AM local time and I have just finished writing the utility I believe will make 2-factor physical bitcoins possible.

The utility is the new "Key Combiner" screen on my Bitcoin Address Utility.

https://casascius.com/btcaddress-alpha.zip (Windows with binary and source)

While developing it I discovered BitAddress.org (and hence Vanity Pools I guess) use EC addition not multiplication, which is a security risk if used for two-factor physical bitcoins.  Also, I have barely tested this, so don't use it for any serious money, lest coins go to never never land.
 
Here is how it works, for example: you and I each generate a key pair, each keep the private key, and share with one another the public key.  We both use KeyCombiner and arrive at the bitcoin address - combining the private key we generated ourselves with the public key received from the other.  We should both get the same address, despite the inputs being different.  This gives the bitcoin address but not the private key.  Send funds to the address.

Now, whoever is supposed to be able to spend the money should be given the other private key.  The person with both private keys combines them and this yields the private key that unlocks the funds sent to the address calculated in the prior step.

[MPOE-PR]

This is the same old problem of insurance. You can't be bonded because you're not worth anything so the bondsman doesn't have what to hold over your head, and because you do not belong to a statistical class so that the bondsman could evaluate the costs and risks sanely.

Well, the assumption that I or anyone else is "not worth anything" is pretty presumptuous. And yes, I understand you mean "anything substantial", and it's still presumptuous.

The real problem is that so few people in the world understand BTC, that no insurer is going to be comfortable with the risk not knowing how to evaluate it. If I needed a bond because I'm going to be handling lots of USD, I would have no problem getting it.

My comment was directed at the original poster (who, as I understand, is just starting some vague business, has no OTC id etc). It was not directed at you (who, as I understand, have been running a substantial BTC business for some time now).

I don't think you would have much trouble getting either USD or BTC backed bonding. Your problem most likely is the dubious yet interface between BTC and USD (as from a business perspective, since what you need to bond mostly happens in the real world, USD bond would be best for that yet from a financial perspective, since your CPs mostly deal in BTC, a BTC bond would be best for you). An entirely different class of problem, then, as compared to the original "here's a person we don't know doing a business we don't know, let's insure it".

[FLHippy]

My comment was directed at the original poster (who, as I understand, is just starting some vague business, has no OTC id etc). It was not directed at you (who, as I understand, have been running a substantial BTC business for some time now).

Everyone has to start somewhere. Those that have ordered from me here and on eBay know who I am. 5 Minutes on google will clue you in also.

There will always be skeptics and outright haters. I was making an honest attempt at some sort of bonding or insurance.

Also, I do have an OTC ID. My attempts to trade OTC in mid 2011 showed me that it's a farce and just as scammy as everywhere else.
I never traded anything there. Every person willing to trade failed the basic sniff test.

[14:12] <gribble> User 'FLHippy', with keyid EABFC75854338513, fingerprint 11525C23C5A6F71469CE0F56EABFC75854338513, and bitcoin address None, registered on Tue Jul 26 08:22:59 2011.

OTC ID is shit. I seek something substantial. I think Casiscuis is on the right track. People who were formerly trusted are now turning out to be scammy fucks. Two factor encryption eliminates the peoples from the equation. I look forward to getting my head around how it works and implementing it.

[MPOE-PR]

Everyone has to start somewhere.

Sure, everyone has to start somewhere, it's just that nobody has to start insuring someone who's just starting somewhere. We weren't really discussing whether you should start, we were discussing why it's so difficult to be insured.

Also, I do have an OTC ID. My attempts to trade OTC in mid 2011 showed me that it's a farce and just as scammy as everywhere else.

Well, that's not the case. You might want to review this.