Bitcoin Forum
June 17, 2024, 02:09:26 AM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Whoever just sent me 0.001 BTC out of the blue...  (Read 4577 times)
elor70
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
August 07, 2013, 10:33:17 AM
 #21

why such things never hapen to me.....

stevegee58 (OP)
Legendary
*
Offline Offline

Activity: 916
Merit: 1003



View Profile
August 07, 2013, 10:51:27 AM
 #22

I spent more time looking at the chain of transactions involving this 0.001 BTC transaction.  It's really interesting.  In a very short period of time a bunch of addresses received this amount.  These "donations" occurred dozens (possibly hundreds) of times before and after mine.

If anyone is interested, here's the transaction from blockchain.info:

http://blockchain.info/tx/d0753917b1391384f9013c943fcf5d0a498021d5b147a05b9cdc26c626e4d0a4

You are in a maze of twisty little passages, all alike.
westkybitcoins
Legendary
*
Offline Offline

Activity: 980
Merit: 1004

Firstbits: Compromised. Thanks, Android!


View Profile
August 07, 2013, 01:48:35 PM
 #23

I spent more time looking at the chain of transactions involving this 0.001 BTC transaction.  It's really interesting.  In a very short period of time a bunch of addresses received this amount.  These "donations" occurred dozens (possibly hundreds) of times before and after mine.

If anyone is interested, here's the transaction from blockchain.info:

http://blockchain.info/tx/d0753917b1391384f9013c943fcf5d0a498021d5b147a05b9cdc26c626e4d0a4

This has been discussed in at least one other thread. The plurality opinion seems to be: someone's experimenting with ways of simplifying the tracking of coins. Even if you normally only use each address in your wallet once, if someone drops 0.001 BTC into a change address you've never given out (but which appeared in the blockchain in a spend) it lets them tie that address to future addresses once you spend it.

Lucky? Maybe. Maybe not.... Sad

Bitcoin is the ultimate freedom test. It tells you who is giving lip service and who genuinely believes in it.
...
...
In the future, books that summarize the history of money will have a line that says, “and then came bitcoin.” It is the economic singularity. And we are living in it now. - Ryan Dickherber
...
...
ATTENTION BFL MINING NEWBS: Just got your Jalapenos in? Wondering how to get the most value for the least hassle? Give BitMinter a try! It's a smaller pool with a fair & low-fee payment method, lots of statistical feedback, and it's easier than EasyMiner! (Yes, we want your hashing power, but seriously, it IS the easiest pool to use! Sign up in seconds to try it!)
...
...
The idea that deflation causes hoarding (to any problematic degree) is a lie used to justify theft of value from your savings.
stevegee58 (OP)
Legendary
*
Offline Offline

Activity: 916
Merit: 1003



View Profile
August 07, 2013, 02:45:50 PM
Last edit: August 07, 2013, 03:02:54 PM by stevegee58
 #24

This has been discussed in at least one other thread. The plurality opinion seems to be: someone's experimenting with ways of simplifying the tracking of coins. Even if you normally only use each address in your wallet once, if someone drops 0.001 BTC into a change address you've never given out (but which appeared in the blockchain in a spend) it lets them tie that address to future addresses once you spend it.

Lucky? Maybe. Maybe not.... Sad


I just searched for "0.001 btc" and found one of the threads you mentioned.  So this has been going on for a month or two then.
Now I'm all paranoid about gubment conspiracies trying to de-anonymize BTC addresses.

Is there a way of "sequestering" this 0.001 BTC and never spending it?

You are in a maze of twisty little passages, all alike.
westkybitcoins
Legendary
*
Offline Offline

Activity: 980
Merit: 1004

Firstbits: Compromised. Thanks, Android!


View Profile
August 07, 2013, 07:22:23 PM
 #25

This has been discussed in at least one other thread. The plurality opinion seems to be: someone's experimenting with ways of simplifying the tracking of coins. Even if you normally only use each address in your wallet once, if someone drops 0.001 BTC into a change address you've never given out (but which appeared in the blockchain in a spend) it lets them tie that address to future addresses once you spend it.

Lucky? Maybe. Maybe not.... Sad


I just searched for "0.001 btc" and found one of the threads you mentioned.  So this has been going on for a month or two then.
Now I'm all paranoid about gubment conspiracies trying to de-anonymize BTC addresses.

Is there a way of "sequestering" this 0.001 BTC and never spending it?

If you have a wallet with coin control, yes. But the Qt client doesn't have that.

If I were that concerned about it (not sure if I would be or not,) and didn't have a coin-controlling wallet, here's what I would try:

 - Extract the private key for the address from the wallet
 - Import the private key into a new Blockchain.info browser wallet
 - Create a custom transaction spending 0.001 BTC from that address to the address of your choice (a charity, a friend who doesn't care, a wallet of yours marked "tainted funds," the bitcoin black hole, etc.)
 - Choose "show advanced" to make sure that the offending transaction is the one the 0.001 BTC is tied to
 - Send it

If necessary and I really wanted it done, I'd figure out how to craft the transaction by hand, quadruple-check it, and push it manually.

Anyone wanting privacy who received this "free money" should probably do this, or something similar. For most, it might not matter; after all, this could just be an experiment by some college student. Then again, it could be the NSA attempting to deanonymize bitcoin addresses to track people who donated to Wikileaks. Or anything inbetween.  Undecided

Also, I had an idea...

The person doing this can't really hide his intentions by sending out so many bitcents to so many addresses. But for the rest of us, we can borrow this person's tactic and use it against him. How? Every so often, pick a random transaction in the blockchain and trace some of the coins for a bit, until you hit an address that there's no public record of (other than in the blockchain.) Send a random, small amount of bitcoins to it. If only done infrequently, it shouldn't cause alarm. If even a small % of people do this, it could be enough to thwart the same tactic used against us. Sure, some will worry about the blockchain bloat (I kinda do,) but if it's your privacy at stake, and possibly that of all bitcoin users, it seems legit enough to me.

Just food for thought. Smiley

Bitcoin is the ultimate freedom test. It tells you who is giving lip service and who genuinely believes in it.
...
...
In the future, books that summarize the history of money will have a line that says, “and then came bitcoin.” It is the economic singularity. And we are living in it now. - Ryan Dickherber
...
...
ATTENTION BFL MINING NEWBS: Just got your Jalapenos in? Wondering how to get the most value for the least hassle? Give BitMinter a try! It's a smaller pool with a fair & low-fee payment method, lots of statistical feedback, and it's easier than EasyMiner! (Yes, we want your hashing power, but seriously, it IS the easiest pool to use! Sign up in seconds to try it!)
...
...
The idea that deflation causes hoarding (to any problematic degree) is a lie used to justify theft of value from your savings.
stevegee58 (OP)
Legendary
*
Offline Offline

Activity: 916
Merit: 1003



View Profile
August 08, 2013, 12:31:15 AM
 #26

I just downloaded and familiarized myself with coin control.  It's a really powerful tool.  I can list all the inputs in my wallet and select exactly which ones I want to use to form an Xmit.  I can even form 0 fee Xmits.

You are in a maze of twisty little passages, all alike.
stevegee58 (OP)
Legendary
*
Offline Offline

Activity: 916
Merit: 1003



View Profile
August 08, 2013, 11:13:38 AM
 #27

The plot thickens.  I just received another 0.001 BTC this morning at the same address.

You are in a maze of twisty little passages, all alike.
CasinoBit
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250



View Profile
August 09, 2013, 04:18:15 PM
 #28

It was Satoshi making sure you didn't forget he's watching you  Wink
starsoccer9
Legendary
*
Offline Offline

Activity: 1630
Merit: 1000



View Profile
August 10, 2013, 03:37:07 PM
 #29

The plot thickens.  I just received another 0.001 BTC this morning at the same address.
lucky, I only got that one time
stevegee58 (OP)
Legendary
*
Offline Offline

Activity: 916
Merit: 1003



View Profile
August 10, 2013, 06:47:26 PM
 #30

I don't think it's luck.  Whoever is doing this is paying these 0.001 BTC payments is also paying 0.0005 BTC in fees.

Clearly it's some party probing the BTC network, either for academic studies or nefarious espionage purposes.

You are in a maze of twisty little passages, all alike.
Moebius327
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
August 10, 2013, 06:52:33 PM
 #31

I don't think it's luck.  Whoever is doing this is paying these 0.001 BTC payments is also paying 0.0005 BTC in fees.

Clearly it's some party probing the BTC network, either for academic studies or nefarious espionage purposes.

Quite strange actually. Everything happens with a reason.
Welsh
Staff
Legendary
*
Offline Offline

Activity: 3276
Merit: 4111


View Profile
August 10, 2013, 07:01:30 PM
 #32

This has happened many times before. Either for new parties testing the whole Bitcoin concept out or for other reasons which remain unknown. I believe there was a similar event which a fellow was learning to program and setup a script which sent to random address, if it matched a Blockchain address it would send a satoshi. Maybe, it was for a future website or project he was planning. Maybe it's something similar, maybe a little to much to be sending if it's that reason, also there are other means to go about that particular method.
westkybitcoins
Legendary
*
Offline Offline

Activity: 980
Merit: 1004

Firstbits: Compromised. Thanks, Android!


View Profile
August 11, 2013, 07:19:10 PM
 #33

The Android security flaw might be an alternative explanation for the "address seeding":

https://bitcointalk.org/index.php?topic=271831.msg2911785#msg2911785

Spend 1 BTC on seeding, find expose an address private key with 5 BTC in it, profit!

Bitcoin is the ultimate freedom test. It tells you who is giving lip service and who genuinely believes in it.
...
...
In the future, books that summarize the history of money will have a line that says, “and then came bitcoin.” It is the economic singularity. And we are living in it now. - Ryan Dickherber
...
...
ATTENTION BFL MINING NEWBS: Just got your Jalapenos in? Wondering how to get the most value for the least hassle? Give BitMinter a try! It's a smaller pool with a fair & low-fee payment method, lots of statistical feedback, and it's easier than EasyMiner! (Yes, we want your hashing power, but seriously, it IS the easiest pool to use! Sign up in seconds to try it!)
...
...
The idea that deflation causes hoarding (to any problematic degree) is a lie used to justify theft of value from your savings.
wrend
Member
**
Offline Offline

Activity: 76
Merit: 10


View Profile
August 12, 2013, 06:07:35 AM
 #34

i randomly received .15 btc yesterday to one of my android generated addresses.  Why would I randomly get free money?  this never happened to me before, is this related to the flaw?

Potentially different (worrisome) issue.

https://bitcointalk.org/index.php?topic=269231.0

There is the chance that spending that "free money" could result in the private key of that address being exposed.


from topic:
 http://bitcointalk.org/index.php?topic=271831.100  
[ANNOUNCE] Android key rotation
stevegee58 (OP)
Legendary
*
Offline Offline

Activity: 916
Merit: 1003



View Profile
August 12, 2013, 11:32:26 AM
 #35

Well fortunately I'm running a standard full bitcoin client so this won't affect me.  I guess it really is free money then (for me).

You are in a maze of twisty little passages, all alike.
threeip
Full Member
***
Offline Offline

Activity: 154
Merit: 100



View Profile WWW
August 12, 2013, 05:28:35 PM
 #36

This has been discussed in at least one other thread. The plurality opinion seems to be: someone's experimenting with ways of simplifying the tracking of coins. Even if you normally only use each address in your wallet once, if someone drops 0.001 BTC into a change address you've never given out (but which appeared in the blockchain in a spend) it lets them tie that address to future addresses once you spend it.

Isn't that address already 'exposed' from the original transaction?

Well fortunately I'm running a standard full bitcoin client so this won't affect me.

At first I thought the 0.001's were going to Android-only tx, but I guess not.

ส็็็็็็็็็็็็็็็็็็็็็็็็็ GPG:2AFD99BB ಠ_ಠ mon
r3wt
Hero Member
*****
Offline Offline

Activity: 686
Merit: 504


always the student, never the master.


View Profile
August 12, 2013, 05:30:33 PM
 #37

relax guys, i scraped the forum a while back for bitcoin addresses in threads tagged giveaway. i happened upon an ancient thread where 70+ users had signed up for a giveaway. i used the addresses, which were already prepared in rpc form  and did an anonymous "bit-penny" giveaway. a small way of giving back to the community. may or may not have been me but it was probably something similar

My negative trust rating is reflective of a personal vendetta by someone on default trust.
westkybitcoins
Legendary
*
Offline Offline

Activity: 980
Merit: 1004

Firstbits: Compromised. Thanks, Android!


View Profile
August 12, 2013, 10:08:32 PM
 #38

This has been discussed in at least one other thread. The plurality opinion seems to be: someone's experimenting with ways of simplifying the tracking of coins. Even if you normally only use each address in your wallet once, if someone drops 0.001 BTC into a change address you've never given out (but which appeared in the blockchain in a spend) it lets them tie that address to future addresses once you spend it.

Isn't that address already 'exposed' from the original transaction?


If you mean exposed and vulnerable to the Android random-number sloppiness, then no. Quick explanation from my learnings:

There are three parts to a bitcoin address/keypair/etc.: the private key, the public key, and the address.

The private key is where it all starts. Elliptic-curve (ECDSA) encryption is used to get the public key from the private key. SHA-256 hashing and RIPEMD-160 hashing are used to get the address from the public key.

The address is what you give out to folks. It's protected by ECDSA encryption and three actual hashes from two different methods. We currently know it to be safe from even quantum computing. Receiving bitcoins at a truly random address is essentially riskless.

But to SPEND from that address, you need to reveal your public key. This is still considered safe (to non-quantum computers) since you can't (normally) get the private key from just the public key. The transaction is signed using ECDSA, and in theory should be solid.

But ECDSA signing requires fresh random numbers each time you use it. If your computer happens to spit out the same "random" number twice whenever you ask for one to sign more than one transaction with the same private key, then you're in trouble, because the signature on the transactions will be similar, and it won't take any real effort to figure out the private key from the two transactions.

IIRC, this sort of potential "loophole" was just one of several reasons why you really were never supposed to re-use bitcoin addresses. But, humans being what we are and all....  Roll Eyes

(Yes, I do it too, for the convenience of course....)

Bitcoin is the ultimate freedom test. It tells you who is giving lip service and who genuinely believes in it.
...
...
In the future, books that summarize the history of money will have a line that says, “and then came bitcoin.” It is the economic singularity. And we are living in it now. - Ryan Dickherber
...
...
ATTENTION BFL MINING NEWBS: Just got your Jalapenos in? Wondering how to get the most value for the least hassle? Give BitMinter a try! It's a smaller pool with a fair & low-fee payment method, lots of statistical feedback, and it's easier than EasyMiner! (Yes, we want your hashing power, but seriously, it IS the easiest pool to use! Sign up in seconds to try it!)
...
...
The idea that deflation causes hoarding (to any problematic degree) is a lie used to justify theft of value from your savings.
threeip
Full Member
***
Offline Offline

Activity: 154
Merit: 100



View Profile WWW
August 12, 2013, 10:36:05 PM
 #39

I meant, if the original change-making transaction (and probably associated generation of that address) could be used as one half of the comparable transactions.

or

If the android client used the same 'rand', from say, 6 months ago?

ส็็็็็็็็็็็็็็็็็็็็็็็็็ GPG:2AFD99BB ಠ_ಠ mon
Machinery
Newbie
*
Offline Offline

Activity: 39
Merit: 0


View Profile
August 15, 2013, 01:45:25 AM
 #40

I did. It was a mistake. Please send it back.
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!