The Red List

[Chet]

I still don't see how honest business that has btc in and btc out avoids getting contaminated and having to jump thru hoops to clear their 'name'.
It really strikes me much like gun registration, punish the innocent because of a few bad eggs.

Better idea to work on  theft prevention.

[1713883073]

1713883073

[1713883073]

1713883073

[datz]

This is a nice idea that will possibly serve better as a suggestion that bitcoin is regulated against fraud, rather than be a tool to prevent it.

There are far too many ways that fraud can take place, that I can't see this project being much more than the equivalent to Spamhaus for the Bitcoin community.

However, if it wasn't for the likes of Spamhaus, would email be used as much as it is today?  Would email be subject to far more regulation?

I like the Red List project, but please try to explain to some of the hard of thinking on this forum that its not a way to prevent crime!

It prevents crime by creating a psychological deterrent.

Here is a story to clarify:

My friend John insures his wallet in a custom insurance group in Bitinsure.

His wallet is hacked and 20 BTC are stolen and sent to the thief's wallet.

We submit the thief's first degree wallet address to The Red List.

Using the same wallet, the thief attempts to pay for an OKCupid subscription.

OkCupid runs the public address against The Red List using the API and gets a first degree match - a definite redlist.

Since the wallet is first degree, OkCupid decides to send personal information gleaned from the thief's OkCupid profile to The Red List for investigation.

Here is a second story:

My friend John insures his wallet in a custom insurance group in Bitinsure.

His wallet is hacked and 20 BTC are stolen and sent to the thief's wallet.

We submit the thief's first degree wallet address to The Red List.

The thief sends the BTC to two more wallets.

We submit the second degree wallet addresses to The Red List.

The thief uses one wallet to purchase cooking ware on Amazon via BitSpend.

BitSpend checks the wallet address against The Red List, gets a second degree match, and issues the thief a questionnaire asking where he got the money from at the time of purchase. BitSpend may also send minimal identifying information such as a piece of the address back to The Red List for private storage and factoring into the indefinite algorithm which will increase The Red List ranking if the same minimal identification information is flagged/sent again by the same or another business.  

The thief gets his cooking ware from Amazon via BitSpend but after the questionnaire is apprehensive so decides to use a mixing service on the contents of the second wallet.

The thief mixes his BTC and gets BTC transferred into a new wallet.

A different person who used the mixing service spends the BTC on a Gyft gift certificate. Gyft runs the public address against The Red List and issues that second person a questionnaire - that person reveals he recently used a mixing service and names the service. The results of the questionnaire are sent to The Red List.

The Red List now has money laundering evidence against the mixing service and suspicions against/algorithm inputs for an identifying piece of information from the first wallet.

[datz]

I still don't see how honest business that has btc in and btc out avoids getting contaminated and having to jump thru hoops to clear their 'name'.
It really strikes me much like gun registration, punish the innocent because of a few bad eggs.

Better idea to work on  theft prevention.

Their name will never be tainted - only the first degree flagged wallet. A BTC in BTC out business may register with The Red List and even if the business does not register will only ever get flagged as a second degree. If that business never spends BTC out of the receptive wallet, they will never even get a second degree notice. Any information submitted by concerned parties after a second degree spend will validate that business as a BTC in BTC out - so they need not worry. They will never be publicly tainted.

Also, hopefully that business will be screening tainted money anyway by running against The Red List and The Red List will factor in this screening.

[Chet]

I still dont know what you mean by a mixing service.
How about I take some of that stolen btc (from the wallet John should have secured) and make some bets at satoshi dice or play poker or something.
Are all of those gambling sites now 'contaminated'? All the money coming from them is considered 'secondary'?

So another person wins big playing poker and now can't spend the money without jumping thru hoops?

[datz]

I still dont know what you mean by a mixing service.
How about I take some of that stolen btc (from the wallet John should have secured) and make some bets at satoshi dice or play poker or something.
Are all of those gambling sites now 'contaminated'? All the money coming from them is considered 'secondary'?

So another person wins big playing poker and now can't spend the money without jumping thru hoops?

No, no wallets are ever "contaminated" except for the first degree wallet - just under surveillance.

The gambling site would be wise to run the wallet against The Red List before accepting payment.

If the gambling site registered with The Red List, it need not worry.

If not, the site may get prompted with a questionnaire if directly attempting to spend second degree flagged BTC at a legitimate business.

The person winning at poker would be third degree at most and if repeatedly spends surveilled BTC may have to answer a questionnaire or may make The Red List after repeated low degree BTC flagged purchases at legitimate businesses if statistically determined he is in possession of stolen funds at a statistically significant rate much higher (alpha of 0.02) than average possession of stolen funds.  

[Chet]

Well I am convinced now earlier poster here that said all btc would wind up flagged is pretty much right.
And you will be asking people to do stuff for you, check the list, answer questions etc.
That sort of thing is already rampant enough with places like paypal freezing accounts and making people jump thru hoops because they set off some 'alarm' in a perfectly innocent way.

I think companies have it bad enough being forced to perform as agents of the government (collect taxes) for free and now you want all BTC companies to work for your insurance program for free.

[datz]

Really the point is to establish a psychological deterrent against theft - The Red List will not violate anyone's privacy or peg anyone's wallet as "contaminated" unless it is first degree. The Red List will not publicly shame or incriminate anyone - it will act to promote awareness. At any time you may check your wallet to see if the BTC you just received or accepted was directly stolen. You can better establish networks of trust. It is really a public service.

The Red List is not a requirement and is not a regulation.

[datz]

Well I am convinced now earlier poster here that said all btc would wind up flagged is pretty much right.
And you will be asking people to do stuff for you, check the list, answer questions etc.
That sort of thing is already rampant enough with places like paypal freezing accounts and making people jump thru hoops because they set off some 'alarm' in a perfectly innocent way.

I think companies have it bad enough being forced to perform as agents of the government (collect taxes) for free and now you want all BTC companies to work for your insurance program for free.

No one will be flagged except for definite thieves.

There are no hoops to jump through unless you are attempting to spend directly stolen BTC. Even then it is maximum a click through one field form.

The companies are actually working for themselves. By including one line of code to check public addresses, they are deterring expensive regulation, performing a public service, and preventing expensive government suits.

[datz]

Well I am convinced now earlier poster here that said all btc would wind up flagged is pretty much right.
And you will be asking people to do stuff for you, check the list, answer questions etc.
That sort of thing is already rampant enough with places like paypal freezing accounts and making people jump thru hoops because they set off some 'alarm' in a perfectly innocent way.

I think companies have it bad enough being forced to perform as agents of the government (collect taxes) for free and now you want all BTC companies to work for your insurance program for free.

Companies may chose to ignore The Red List - but they will only end up paying more later down the line when world governments step in with more expensive regulation and stricter standards. I suspect more companies would rather choose to embrace an open-sourced community-driven project that actually does this right.

[Chet]

Sounds like TSA.
Its for your own good, we are helping protect you.

[datz]

Sounds like TSA.
Its for your own good, we are helping protect you.

Well TSA does not protect you from government regulation, they are government regulation. The Red List is controlled by you, so you are essentially regulating yourself in a way that deters regulation you do not control and in a way that honestly protects people and deters theft.

[Chet]

No
The red list is controlled by you. By whatever rules (regulations) you chose to make.
TSA  just wanted me to go thru metal detectors
then they wanted shoes off
now they practically rape 

You want 1 line of code and a questionnaire and some companies to register.
Whats next?

[datz]

No
The red list is controlled by you. By whatever rules (regulations) you chose to make.
TSA  just wanted me to go thru metal detectors
then they wanted shoes off
now they practically rape 

You want 1 line of code and a questionnaire and some companies to register.
Whats next?

No if it is open-sourced it really is not controlled by me. All the algorithms will be public information. It is not up to me whether companies choose to run public addresses by the register. Some of the private identifying information might be privy to my organization but that is all.

The Red List is not under my control. Sure it will help bitinsure deter theft against insured wallets, but that is only the tip of the iceberg in terms of public benefits.

The list is simply information companies may choose to add to or run queries against. Key word choose.

The Red List is a deterrent against regulation that is on the horizon. Without a preemptive response, a preemptive strike, the Bitcoin community will get hid hard by upcoming, fee imposing regulation. I have never been wrong and never will be.

We need a way to maintain anonymity and satisfy government agencies - we see what is happening with U.S. homeland security vs Mt. Gox.

It's better that we control our own economy and our own theft/fraud prevention measures than government agencies.

We need The Red List. 

[datz]

The U.S. government could start a fraud/theft reporting service right now and fine/audit all companies which accept payments from wallets receiving stolen funds. The block chain is public information. Everyone could get shut down in the next month. Would you rather take preventative measures or sit on your arse and watch Bitcoin burn?

[Chet]

Let it burn
What you say makes no sense
1) US gov  can't control the whole world
2) TSA is still there, airlines are not 'trusted' to police themselves

[datz]

Let it burn
What you say makes no sense
1) US gov  can't control the whole world
2) TSA is still there, airlines are not 'trusted' to police themselves

1) Any company registered in any country is subject to that country's regulations and laws

2) If the airlines had done a good job of policing themselves the TSA would be unnecessary and would not exist.

[Chet]

Let it burn
What you say makes no sense
1) US gov  can't control the whole world
2) TSA is still there, airlines are not 'trusted' to police themselves

2) If the airlines had done a good job of policing themselves the TSA would be unnecessary and would not exist.

I got some nice coastal property in Arizona, cheap.
 

[Peter Todd]

If the thief uses a mixing service, we will flag that mixing service as a money launderer and will flag wallets the funds ultimately get mixed to, disincentiving users of mixing services

As for those Bitcoin users who like their coins to be fungible, I'm one of a few people looking into how to create a mixing capability within Bitcoin itself that will let you automatically mix your coins with others, potentially as often as every transaction you make. This mixing is done in a trust-free manner; you're coins can-not be stolen by mixing them. This will increase financial privacy for all Bitcoin users, and as a nice side-effect reduce transaction costs by about %10 (large transactions are more efficient than multiple small ones)

[datz]

If the thief uses a mixing service, we will flag that mixing service as a money launderer and will flag wallets the funds ultimately get mixed to, disincentiving users of mixing services

As for those Bitcoin users who like their coins to be fungible, I'm one of a few people looking into how to create a mixing capability within Bitcoin itself that will let you automatically mix your coins with others, potentially as often as every transaction you make. This mixing is done in a trust-free manner; you're coins can-not be stolen by mixing them. This will increase financial privacy for all Bitcoin users, and as a nice side-effect reduce transaction costs by about %10 (large transactions are more efficient than multiple small ones)

Sounds great for anonymity as long as it does not bog down transactions. Scalability is already an issue.

[datz]

If the thief uses a mixing service, we will flag that mixing service as a money launderer and will flag wallets the funds ultimately get mixed to, disincentiving users of mixing services

As for those Bitcoin users who like their coins to be fungible, I'm one of a few people looking into how to create a mixing capability within Bitcoin itself that will let you automatically mix your coins with others, potentially as often as every transaction you make. This mixing is done in a trust-free manner; you're coins can-not be stolen by mixing them. This will increase financial privacy for all Bitcoin users, and as a nice side-effect reduce transaction costs by about %10 (large transactions are more efficient than multiple small ones)

Also, with built in mixing governments cannot impose regulation and cannot track transfers - sort of like the whole legalities of the Mega in-browser encryption bit. But, for the time being, without built in mixing, we still need The Red List or Bitcoin companies will be taken down like Mega (for accepting stolen funds rather than hosting copyrighten content).