Theymos: “Bitcoins Belonging to Satoshi Should Be Destroyed”

[Dabs]

How do coins that are never spent factored into this? I mean, those addresses that do not have public keys yet, because the coins have not been spent and that particular address has not been reused?

Isn't it that bitcoins are protected by at least 2 layers of encryption: The public / private keys, and a hash which results in the bitcoin address?

I can understand coins that are in an address (such as a vanity address or a public donation address) that is reused (spent change goes back to it or people send coins to it constantly).

[adamstgBit]

sensor ship

censorship

[AgentofCoin]

How do coins that are never spent factored into this? I mean, those addresses that do not have public keys yet, because the coins have not been spent and that particular address has not been reused?

Isn't it that bitcoins are protected by at least 2 layers of encryption: The public / private keys, and a hash which results in the bitcoin address?

I can understand coins that are in an address (such as a vanity address or a public donation address) that is reused (spent change goes back to it or people send coins to it constantly).

Any address that exists has a public key and as a result, a private key.
The current system is safe and the ability to crack a private key with no spends is almost impossible.
But with an advanced QC, which is what is the purpose of this discussion, it can crack it.
Coins that are never spent do not matter with an advanced QC situation.

Currently, the more txs that are sent out from a single address, reduces that address' "protection".
But with the speculative QC, the private key cryptography we use now is not enough.
In theory, the advanced QC will be able to brake all codes and all encryption world wide in short time.

Private keys would be cakewalk for this theoretical system.
It is important to remember, that all codes/encryption will be broken over time.
What we have to do, is change to a stronger encryption before we get compromised.

[Randian Hero]

Destroying other people's coins is nonsense. How it it supposed to be done anyway? new miner rules? Brue force them and then destroy them?

[sdp]

ask Craig Wright for them!   

[Rizky Aditya]

This is somehow worst. Who gives the right to destroy people's money. Even he mined almost 1million amount of bitcoin, you don't have the right to destroy it though just to comply with your perspectives. For the soft fork solution I am more into securing the address "OP_LAMPORT" . I think if we use this method all users will benefit into it.

He isn't destroying anything, he is just saying that the coins should be destroyed. But you are completely correct, no one has the right to destroy someone else's money. BTW I think all of Donald Trump's money should be destroyed.

[BitcoinEXpress]

Theymos is right on this.

Let's see how many of you are crying when some bad ass hacker comes along, gains access and dumps 1,000,000 BTC on the market.

It will be welcome to December 2011 all over again

But Hey

I firmly believe in global purification through nuclear annihilation anyway.


~BCX~

[UngratefulTony]

Theymos is right on this.

Let's see how many of you are crying when some bad ass hacker comes along, gains access and dumps 1,000,000 BTC on the market.

It will be welcome to December 2011 all over again

But Hey

I firmly believe in global purification through nuclear annihilation anyway.


~BCX~

It's a profound decision for Bitcoin, does the public fear of "dumpage" bestow the right to the Core to delete/nullify the ownership of the obstinate/absent individual key holder via a soft fork? pre or post quantum?

[theymos_away]

How do coins that are never spent factored into this? I mean, those addresses that do not have public keys yet, because the coins have not been spent and that particular address has not been reused?

Isn't it that bitcoins are protected by at least 2 layers of encryption: The public / private keys, and a hash which results in the bitcoin address?

The Bitcoin client's built-in solo miner paid directly to a public key, not an address. So there's over a million BTC in the form of unspent 50-BTC block rewards which are vulnerable to a break in ECDSA. This is the main concern.

Unspent addresses are OK, at least until quantum computers get so fast that they can break keys within the few minutes between when you spend from such an address to when it gets confirmed. Contrary to what someone said earlier, SHA-256 and RIPEMD-160 are OK. QC halves the number of bits of security for symmetric crypto. SHA-256 has 128 bits of security under QC, etc.  Whereas all asymmetric crypto used today is totally broken (ie. the complexity of breaking a key is polynomial w.r.t the key's length under QC, though it still might take some time).

[AGD]

Theymos is right on this.

Let's see how many of you are crying when some bad ass hacker comes along, gains access and dumps 1,000,000 BTC on the market.

It will be welcome to December 2011 all over again

But Hey

I firmly believe in global purification through nuclear annihilation anyway.


~BCX~

Theymos is wrong!

Let's see how many of you are crying when Satoshi Nakamoto comes along and dumps 1 Mio Bitcoins on the market.

This risk was always present and when asked about Bitcoin security, people tend to post a picture of the sun. You here stuff, like "Laws of Thermodynamics forbid Bitcoin to be hacked" or "Bitcoin is protected by the power of Math" etc pp.

If somebody was able to hack Bitcoin now, we are finished with it. Too many people will lose their money and trust.

[Searing]

How do coins that are never spent factored into this? I mean, those addresses that do not have public keys yet, because the coins have not been spent and that particular address has not been reused?

Isn't it that bitcoins are protected by at least 2 layers of encryption: The public / private keys, and a hash which results in the bitcoin address?

The Bitcoin client's built-in solo miner paid directly to a public key, not an address. So there's over a million BTC in the form of unspent 50-BTC block rewards which are vulnerable to a break in ECDSA. This is the main concern.

Unspent addresses are OK, at least until quantum computers get so fast that they can break keys within the few minutes between when you spend from such an address to when it gets confirmed. Contrary to what someone said earlier, SHA-256 and RIPEMD-160 are OK. QC halves the number of bits of security for symmetric crypto. SHA-256 has 128 bits of security under QC, etc.  Whereas all asymmetric crypto used today is totally broken (ie. the complexity of breaking a key is polynomial w.r.t the key's length under QC, though it still might take some time).

ok saying in the future this security concern is legit...could they not 'tweak' the code and put satoshi's coin in a side vault (chain?) I don't code and have it accessed in that manner..ie the private key pops the lid and protocol of such is proved...if so......it would NOT be an instant transaction because of this 'hacking" issue...but again its been flagged as accessed..and the coin may not be able to be dumped completely ASAP ...but would be pretty straight forwad...flag'd in such a manner

sorta a 'side wallet/chain for the founders coins' due to the security concerns you raise above (all sitting on the web wallet)

again i don't code assuming i have this right ?



again

[NorrisK]

I understand the potential security concerns but I don't think it really matters at this time. As people are unable to figure out who Satoshi is, there will be no links to finding ip addresses or whatever to hack into his private stash. Hacking private keys is also not viable at the moment, so there really is nothing to be afraid about.

Also, this is assuming that all his coins are linked to the same private key. Wouldn't it make more sense if there are hundreds of keys for testing purposes? Hacking 1 million coins in one go is very unlikely.

I think it is very unwise to set a fate for unused coins. What if I wamt to store some coins for 10 years? Do I have to start moving them every now and then exposing them to outside threats? Not wise Imo.

Once hacking of private keys is possible, and coins need to be moved to more secure private keys, than it would be a different story.

[Searing]

I understand the potential security concerns but I don't think it really matters at this time. As people are unable to figure out who Satoshi is, there will be no links to finding ip addresses or whatever to hack into his private stash. Hacking private keys is also not viable at the moment, so there really is nothing to be afraid about.

Also, this is assuming that all his coins are linked to the same private key. Wouldn't it make more sense if there are hundreds of keys for testing purposes? Hacking 1 million coins in one go is very unlikely.

I think it is very unwise to set a fate for unused coins. What if I wamt to store some coins for 10 years? Do I have to start moving them every now and then exposing them to outside threats? Not wise Imo.

Once hacking of private keys is possible, and coins need to be moved to more secure private keys, than it would be a different story.

good point...we should be able to see such coming down the pike a bit before such actions of 'saving' the accounts from hacks need to be considered....

My fear is that 'Craig Wright' WHILE HE IS NOT Satoshi he may have been in a group of such. Say like Dave K. (forget last name) who passed and Hal Finey ....who also passed.

If they DID set up such a Tulip Fund as Craig Wright says that he can get access to in 2020....well hell he seems pretty bitter he could sell them all and FLUSH

btc prices down to under to sub 10 bucks maybe (with the panic)....(REMEMBER: he did NOT out himself..he was pushed into the limelight..just saying)

That would be interesting in a "the titanic can not sink' kinda argument on the whole question of Satoshi's coins...ie hack not needed if one is the  pissed off last man standing

of the Satoshi 'Group' as it were.... decides to 'act' in such a manner anyway....ie I'll show you guys...he could even do it anonymously no way to tell if another member of such

a group or the 'real' Satoshi did something like this for 'giggles' anyway ....one way to stay anonymous kill the golden goose...Satoshi if he is still alive...has other wallets unknown to

us all I'd think....take $$$ out from now till 2020 .....flush the hoards folk know about..kill the project..sit back $$$ made before the crash on coins cashed out.....your autonomy and

unknown identity  is secure ...and no fuss no muss everyone stops caring ...would be like a moot point if btc was just paycoin in value in such an apocalypse

and you still have more $$$ then you could ever spend. (damn this is one scary crypto movie)

 .

(damn scared myself I did)

[Labumi]

I think this is a strategy to destroy a currency system that is already running (bitcoin). And it is most likely not going to happen, because the bitcoin has become better currency from other currencies. I think the steps taken will not work and is not guaranteed its success

[n691309]

If core developers has the power to destroy bitcoins then i consider bitcoin not safe, what if in the future they decide to destroy most of the coins that we might have on our wallets, this idea is not good and it's not what bitcoin was developed for.

[Lauda]

To be clear, you feel that our Rogerian Enemy's choice to single out Satoshi was an underhanded attempt to undermine theymos.

The whole article is and especially this quote.

Had they only not lied, but said "Theymos proposes to destroy ALL the coins mined prior to 2012, not just Satoshi's," bitcoin community would have applauded the idea?

No. That's not what he proposed either.

If core developers has the power to destroy bitcoins then i consider bitcoin not safe, what if in the future they decide to destroy most of the coins that we might have on our wallets, this idea is not good and it's not what bitcoin was developed for.

They don't have this kind of 'power' at all. It comes down to the community and industry.

[Ultrafinery]

To be clear, you feel that our Rogerian Enemy's choice to single out Satoshi was an underhanded attempt to undermine theymos.

The whole article is and especially this quote.

Had they only not lied, but said "Theymos proposes to destroy ALL the coins mined prior to 2012, not just Satoshi's," bitcoin community would have applauded the idea?

No. That's not what he proposed either.

According to him, coins prior to Bitcoin-Qt version 0.5 are affected. Did he propose to selectively destroy some coins, but not others?
This is like pulling teeth

[Developers] don't have this kind of 'power' at all. It comes down to the community and industry.

Didn't you say that 99% of the people here "don't even understand what Big O notation is" (inb4 paraphrase, not an exact quote)? How are these simpletons gonna understand what the devs are proposing? And what of the people who are simply hodling their BTC & not sodling it, like, you know, Satoshi? How do they even have a say in this?

[alyssa85]

i think there's simply no way any significant hashing power would back this most ridiculous fork proposal, the idea is just a crazy though. when / where is this quote from anyway?

The story must be true because it's been Roger VERified.  

https://news.bitcoin.com/theymos-bitcoins-satoshi-destroyed

It was originally a thread on the bitcoin subreddit that theymos wrote himself. Nobody forced him to write it either, he was just saying what he really thought and genuinely didn't see a problem with what he was saying:

Here is the original comment:

https://www.reddit.com/r/Bitcoin/comments/4isxjr/petition_to_protect_satoshis_coins/d30we6f

This issue has been discussed for several years. I think that the very-rough consensus is that old coins should be destroyed before they are stolen to prevent disastrous monetary inflation. People joined Bitcoin with the understanding that coins would be permanently lost at some low rate, leading to long-term monetary deflation. Allowing lost coins to be recovered violates this assumption, and is a systemic security issue.

So if we somehow learn that people will be able to start breaking ECDSA-protected addresses in 5 years (for example), two softforks should be rolled out now:

    One softfork, which would activate ASAP, would assign an OP_NOP to OP_LAMPORT (or whatever QC-resistant crypto will be used). Everyone would be urged to send all of their bitcoins to new OP_LAMPORT-protected addresses.
    One softfork set to trigger in 5 years would convert OP_CHECKSIG to OP_RETURN, destroying all coins protected by OP_CHECKSIG. People would have until then to move their BTC to secure addresses. Anyone who fails to do so would almost certainly have lost their money due to the ECDSA failure anyway -- the number of people who lose additional BTC would be very low. (There might be a whitelist of UTXOs protected by one-time-use addresses, which would remain secure for a long time.)

It is wrong on so many levels it is unbelievable. People joined bitcoin knowing there would be a maximum number of coins - not that Satoshi's coins would be permanently lost and that "allowing them to be recovered" would "violate" the principle of the maximum number of coins.

[Lauda]

According to him, coins prior to Bitcoin-Qt version 0.5 are affected. Did he propose to selectively destroy some coins, but not others?
This is like pulling teeth

Nope.

Didn't you say that 99% of the people here "don't even understand what Big O notation is" (inb4 paraphrase, not an exact quote)?

I've said that and I stand by it.

How are these simpletons gonna understand what the devs are proposing? And what of the people who are simply hodling their BTC & not sodling it, like, you know, Satoshi? How do they even have a say in this?

1) If you think that in the case of such a proposal that everyone would be quiet, and that there wouldn't be 20 threads about it in this section, then there's something wrong with your perception of the community.
2) They have a say by refusing to adopt the next version and/or switching to other implementations.
As an example, my node would never be upgraded to a version that tries to 'destroy other peoples' coins.

[Ultrafinery]

According to him, coins prior to Bitcoin-Qt version 0.5 are affected. Did he propose to selectively destroy some coins, but not others?
This is like pulling teeth

Nope.

See what I mean about pulling teeth?

Didn't you say that 99% of the people here "don't even understand what Big O notation is" (inb4 paraphrase, not an exact quote)?

I've said that and I stand by it.

How are these simpletons gonna understand what the devs are proposing? And what of the people who are simply hodling their BTC & not sodling it, like, you know, Satoshi? How do they even have a say in this?

1) If you think that in the case of such a proposal that everyone would be quiet, and that there wouldn't be 20 threads about it in this section, then there's something wrong with your perception of the community.
2) They have a say by refusing to adopt the next version and/or switching to other implementations.
As an example, my node would never be upgraded to a version that tries to 'destroy other peoples' coins.

1. Sure there will be 20 threads, there are 20 threads on just about everything, "Why do banks hate bitcoin," "Why do people hate bitcoin," "Why should we use bitcoin," Why should people use bitcoin," etc., etc. How would these 20 threads change anything? Would starting 20 "Death is unfair!!1!" threads make death disappear?
Sometimes I just don't understand how people around here think

2. How would it matter if Satoshi (or any person simply hodling BTC) refuses to "upgraded to a version that tries to 'destroy other peoples' coins"? A detailed explanation plz.