Bitcoin Forum
November 05, 2024, 01:04:58 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Bitcoin Discussion > How to audit the mtgox and mybitoin?
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: How to audit the mtgox and mybitoin?  (Read 1348 times)
qikaifu (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


God creats math and math creats bitcoin.


View Profile
June 26, 2011, 04:29:54 AM
 #1
This is not really a post concerning about mybitcoin, but about the future of the bitcoin economy.
The service like mybitcoin is no doubt to play a very import role in the future. I guess we need audit firm such  as KPMG, PWC to audit the asset which these service provider should have. So is it possible for an audit firm to check whether mybitcoin has those numbers of bitcoin, but at the same time, preventing the auditor  from copy  the private key that mybitcoin have?

If you see any of my suggestions useful, please donate me. http://btc.to/ec
FuzzyCoins
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
June 26, 2011, 04:35:27 AM
 #2
They would have to publish their wallet addresses (and then anyone can see how much is in the wallets), and then they could send small transaction amounts to a trusted party from each wallet to prove they had control of the wallets.
JoelKatz
Legendary
*
Offline Offline

Activity: 1596
Merit: 1012


Democracy is vulnerable to a 51% attack.


View Profile WWW
June 26, 2011, 04:40:58 AM
 #3
Quote from: qikaifu on June 26, 2011, 04:29:54 AM
This is not really a post concerning about mybitcoin, but about the future of the bitcoin economy.
The service like mybitcoin is no doubt to play a very import role in the future. I guess we need audit firm such  as KPMG, PWC to audit the asset which these service provider should have. So is it possible for an audit firm to check whether mybitcoin has those numbers of bitcoin, but at the same time, preventing the auditor  from copy  the private key that mybitcoin have?
It's not only possible, it's trivial. Proving you have a particular private key is one of the simplest things to do.
I am an employee of Ripple. Follow me on Twitter @JoelKatz
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
qikaifu (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


God creats math and math creats bitcoin.


View Profile
June 26, 2011, 04:46:34 AM
 #4
Quote from: FuzzyCoins on June 26, 2011, 04:35:27 AM
They would have to publish their wallet addresses (and then anyone can see how much is in the wallets), and then they could send small transaction amounts to a trusted party from each wallet to prove they had control of the wallets.

So let's call this method AT("Appointed Transaction").So what if I have a lot of bitcoin, and I provide some service which are virtually illegal and immoral like this:

"I have 100000 bitcoins. If you wants to prove to other people you have such amout of coins, I will help you with AT auditing process. The price is 2% of the amout you want to be apparently under your control. My contact information is LiarHeaven@XXXX.XXX.
If you see any of my suggestions useful, please donate me. http://btc.to/ec
qikaifu (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


God creats math and math creats bitcoin.


View Profile
June 26, 2011, 04:47:41 AM
 #5
Quote from: JoelKatz on June 26, 2011, 04:40:58 AM
Quote from: qikaifu on June 26, 2011, 04:29:54 AM
This is not really a post concerning about mybitcoin, but about the future of the bitcoin economy.
The service like mybitcoin is no doubt to play a very import role in the future. I guess we need audit firm such  as KPMG, PWC to audit the asset which these service provider should have. So is it possible for an audit firm to check whether mybitcoin has those numbers of bitcoin, but at the same time, preventing the auditor  from copy  the private key that mybitcoin have?
It's not only possible, it's trivial. Proving you have a particular private key is one of the simplest things to do.

But at the same time, you have to prevent STEALING in the process of the AUDITING.

The database of the mtgox was lost in the auditing process.

It's not like the auditing of gold storage. An auditor are not that easy to take away a piece of gold without being caught. But a private key is only a piece of information, the auditor got the information and got the money!
If you see any of my suggestions useful, please donate me. http://btc.to/ec
JoelKatz
Legendary
*
Offline Offline

Activity: 1596
Merit: 1012


Democracy is vulnerable to a 51% attack.


View Profile WWW
June 26, 2011, 08:59:13 AM
 #6
Quote from: qikaifu on June 26, 2011, 04:47:41 AM
Quote from: JoelKatz on June 26, 2011, 04:40:58 AM
Quote from: qikaifu on June 26, 2011, 04:29:54 AM
This is not really a post concerning about mybitcoin, but about the future of the bitcoin economy.
The service like mybitcoin is no doubt to play a very import role in the future. I guess we need audit firm such  as KPMG, PWC to audit the asset which these service provider should have. So is it possible for an audit firm to check whether mybitcoin has those numbers of bitcoin, but at the same time, preventing the auditor  from copy  the private key that mybitcoin have?
It's not only possible, it's trivial. Proving you have a particular private key is one of the simplest things to do.

But at the same time, you have to prevent STEALING in the process of the AUDITING.
Trivial. Proving you have a particular secret key without comprising it is pretty much trivial.

Quote
The database of the mtgox was lost in the auditing process.

It's not like the auditing of gold storage. An auditor are not that easy to take away a piece of gold without being caught. But a private key is only a piece of information, the auditor got the information and got the money!
The auditor presents you a bitcoin address. You then compose a list of public keys and for each one, you sign an intentionally defective transaction transferring 0 BTC to the auditor's bitcoin address. You give the transactions to the auditor. The auditor confirms the signature on each transaction and sums the amount of BTC that can be claimed by each key. He then knows for sure how much you could transfer without ever compromising anything.
I am an employee of Ripple. Follow me on Twitter @JoelKatz
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
qikaifu (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


God creats math and math creats bitcoin.


View Profile
June 26, 2011, 10:57:58 AM
 #7
JoelKatz, thanks.
If you see any of my suggestions useful, please donate me. http://btc.to/ec
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13368


View Profile
June 26, 2011, 11:09:36 AM
 #8
If the services kept each person's BTC separate, they could give people withdrawal transactions in advance. The users could then withdraw at any time without contacting the service by broadcasting the transaction. The users would also know immediately if any of these funds were spent.
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Bitcoin Discussion > How to audit the mtgox and mybitoin?
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!