Bitcoin Forum
Author Topic: What if dev-team is compromised?  (Read 5526 times)
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5166
Merit: 12864


View Profile
September 04, 2013, 07:54:48 PM
 #21

Because your handlers wouldn't allow you to say that, and if you reply, it's proof you are still alive and not in solitary confinement.

That's exactly what they want you to think.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Rassah
Legendary
*
Offline Offline

Activity: 1680
Merit: 1035



View Profile WWW
September 04, 2013, 09:52:30 PM
 #22

Because your handlers wouldn't allow you to say that, and if you reply, it's proof you are still alive and not in solitary confinement.

That's exactly what they want you to think.

Crap. Guess I better cash out that 750 before it becomes worthless!  Grin
Kouye
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250


Cuddling, censored, unicorn-shaped troll.


View Profile
September 04, 2013, 09:59:38 PM
 #23

Wow.
Answer is much simpler than that.

If devs try to cheat, they will be busted within 30 seconds at most, and will be jailed/banned/replaced.

/thread.

[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition!
I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked.
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8382



View Profile WWW
September 04, 2013, 10:08:05 PM
 #24

If devs try to cheat, they will be busted within 30 seconds at most, and will be jailed/banned/replaced.
oh... if were true ...

But it's not.  The assumption that it is already true is probably a major reason that it isn't: a catch 22.
jbreher
Legendary
*
Offline Offline

Activity: 3038
Merit: 1660


lose: unfind ... loose: untight


View Profile
September 04, 2013, 10:38:15 PM
 #25

Does bitcoin have some type of alert/alarm when a fork exists so I can avoid taking payments or sending during this time?

Yes. If there's an invalid chain longer than your current chain, Bitcoin will automatically give you a warning and go into safe mode. 0.8.5 (probably) will go into safe mode if a competing chain is even approaching a dangerous length.

OK - where do I learn what this 'safe mode' is?

Anyone with a campaign ad in their signature -- for an organization with which they are not otherwise affiliated -- is automatically deducted credibility points.

I've been convicted of heresy. Convicted by a mere known extortionist. Read my Trust for details.
elor70
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
September 04, 2013, 11:58:37 PM
 #26

I don't think they have that much power over us...

im3w1l (OP)
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
September 05, 2013, 01:29:42 AM
 #27

Story time:

The year is 2016. Bitcoin has been a massive success, and is adopted far and wide. The success naturally led to an influx of new users with different values from the old timers. Eternal September set in slowly, but surely. New voices were heard, questions were being asked. "Pedophilia is horrible and must be banned", "We can't go fund some terrorists", "Is it really fair that 10% of users own 90% of bitcoin?". At first they were few enough that the community could point and laugh. They were written off as trolls. But the tides of history swept in mercilessly. They grew in strength. One day it was announced on the forums: "50% of bitcoins are to be redistributed to disadvantaged groups". A long explanation of privilege and of how some people had not had a fair chance at securing coins followed. People were upset. Can they really do that? The early adopters were most upset of all, both because of the theft, but also because they were truer believers. Forum post after forum post was written to talk some sense into the dev team. Banwave after banwave rolled in. Of course it didn't make them disappear. But it hid them. Safely away from the large hordes of users that didn't really care and just wanted to buy stuff online. The crowds network effects are made of. A fork was created where the redistribution had never taken place. The ideologues used it, but it never really caught on. Most users were too lazy to type in a new chain configuration. And besides, wasn't it right that everyone got a fair chance in the new age?

The End
thechevalier
Newbie
*
Offline Offline

Activity: 40
Merit: 0



View Profile
September 05, 2013, 03:35:11 AM
 #28

Yes, that is a real threat.

Some would argue the dev-team is already compromised--what with their rush to cozy up to regulators (not what I think).

That's why projects like btcd are so important. It's concerning there are not more independent implementations of the Bitcoin protocol.


TraderTimm
Legendary
*
Offline Offline

Activity: 2408
Merit: 1121



View Profile
September 05, 2013, 05:18:58 AM
 #29

And then began the dark times...

"The Blockchain Wars"

Paul always knew he wanted to be a miner. Now with Bitcoin entering its final years of rewarding those with the dedication and grit to keep their machines running, all racing along the difficulty curve that rose from the foggy depths of single digits towards the trillions. Just one found block, and he wouldn't have to work for the rest of his life. Not that he minded, there were plenty of places where his skills could be utilized, but it wasn't for him.

Paul dreaded the monotony and slow death that large corporations offered, especially after the special economic zones started running. Wedded to a firm for life, working up the ranks and sucking down the horrible beverages, most designed to "accentuate" your mental skills. Pure chemical blather, he thought.

But nothing like mining. Nothing like tweaking your machine until it was churning just fast enough to produce hashes, but cool enough not to self-combust. Paul was a pro. He had all the latest tech, everything had been through a few test baths of sub-zero coolant, just to get a baseline. He would then start working on the custom enclosures and pressure vessels that would house his hyperactive circuits, keeping them just on the right side of self-destruction.

That's when his jaw buzzed. A dropdown slid into his view, announcing Jerry's insistent hail. Tensing his muscles slightly, he made the scissor-like motion to answer.

"Look -- hey Paul-o, we gotta shift and shift it now, man!"

Jerry's breathing was ragged, and for a moment Paul thought he was running away from something.

"I'm in the shop, what's the deal?"

"Its the chain man - we gotta boost off this chain before we get our asses swamped!"

Satoshi save us, not this shit again...

"Look, I only have 10 PetaHashes and that's all from recycled stuff, and most of that is splintered along some alts that I care about. You want to play chain-war, you get someone else."

"Comon Paul.. look, you gotta back me here - you know if my alt gets swamped then I'm done, right? I've worked on this so LONG..."

Ragged breath, some coughing rattling down the thinband in slight attenuated shifts.

"Alright, fine. I'll see if I can cobble together some of the older shit I have in storage. I'll get back to you, k?"

"Oh THANKS MAN, You and me baby -- we're gonna make 'em wish they never tried!! Woo-"

Paul cut off the call mid whoop, not wanting to subject himself to another aural beating. Great. Another chain war, another series of long feints to defend somebody's idea of the best cryptonomy. Paul shook his head, knowing he'd support his friend, but at what cost? He had his own projects, thank you -- and having to turn most of his capacity over to some other chain... dammit, dammit...

Well, beats working for the corps, and at least you get to stay in this boosted unit on the edge of the zone. Paul put his head in his hands, trying to knead out some of the tiredness from behind his eyes.


fortitudinem multis - catenum regit omnia
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 05, 2013, 05:51:43 AM
 #30

Ok, how do you forcefully re-distribute coins that are buried more than 100 blocks deep already?

gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8382



View Profile WWW
September 05, 2013, 06:40:05 AM
 #31

Ok, how do you forcefully re-distribute coins that are buried more than 100 blocks deep already?
Pretty trivially when almost everyone is on a SPV node because a full node requires gigabits of network connectivity, and when everyone who isn't would have to accept the invalid blocks or otherwise be left behind by the economic supermajority of people who are. Tongue  (this is all in some fantasy world where Bitcoin is widely used enough for a seriously funded attack, right?)
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 05, 2013, 08:54:04 AM
 #32

The fairy tales I'm reading so far are just the not-too-distant future, or a close future. I don't see SPV only nodes existing except on mobile devices.

A lot of people will keep their full nodes for at least the next decade, or two.

I use only bitcoin-qt on my laptop, that's a full node right? I don't see myself switching from it for a long time. When it takes up half of my hard drive space, I may consider the alternatives, but for now I will keep using this.

virtualmaster
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
September 06, 2013, 10:34:44 AM
Last edit: September 06, 2013, 12:11:15 PM by virtualmaster
 #33

This is a really serious threat compromising Bitcoin on the developer side.
Let me show some ideas how the Namecoin identity and namespace system could contribute to improve this threat.
If every developer and some security experts create a Namecoin identity, for ex. id/gagarin and id/bob, and they publish this on their main website.
http://dot-bit.org/Namespace:Identity
Everybody could check the authenticity of their files or expertise analysis published against the key on their Namecoin id id/gagarin and id/bob.

It could be also created a new namespace bitcoin/ and they create there also an identity bitcoin/gagarin and bitcoin/bob for bitcoin related issues, which is signed with their key published on id/gagarin and id/bob. It could be created also namespace entries for every subproject, like gagarin084, gagarin091 ....
In every namespace entry would be stored the signature of the downloadable file.
like bitcoin/gagarin084{
"signature" : "signaturetext",
"update-priority" : "high",
"improvements" : "security, client-graphic",
"comments" : "...",
"available" : "http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.4/",
...
}

In bitcoin/gagarin he makes an entry for every version
bitcoin/gagarin
{
...
"releases" : [..., "gagarin083", "gagarin084"]
}

Some security experts or known developers could publish their meaning on every release.
For ex.

like bitcoin/bob084{
"signature" : "signaturetext",
"downloaded from" : "http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.4/",
"version" : "windows binary",
"network-communication" : " not checked",
"local-activity" : "checked",
"local-encryption" : "checked",
"comments" : "it seems to be in order, no dubious activity detected",
...
}


So every release is signed and commented from authenticated authors and the signatures are stored unfalsifiable in the Namecoin blockchain.
It is not affected by website hijacking or take down.

You can explore the entries from the namecoin client or from the web
explorer.bit/ -> for ex. id/khal (enable .bit browsing)
It works on any namespace like anything/youimagine.


Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8382



View Profile WWW
September 06, 2013, 11:39:34 AM
 #34

Everybody could check the authenticity of their files or expertise analysis published against the key on their Namecoin id id/gavin and id/bruce.
I hate to crap on someone's neat idea, but this sounds completely pointless. You need some way to know that these IDs are the right people, and that id/gavin isn't just some squatter and the real gavin isn't id/gavin11.  If you've solved that then you can just use the PGP signatures we already have.

Better, the PGP keys are connected to the PGP web of trust, so you do have a starting point to cold validate the keys at least as belonging to specific named people. 
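
An added sketch of the objection in the post above (not code from the thread or from Namecoin): a name registry, modelled here as a constructed dict with hypothetical field names, only records who registered a name first, so a verifier has to anchor on a key fingerprint validated out of band. SHA-256 over constructed key bytes stands in for a real PGP fingerprint.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed sample data: stand-ins for public keys and release files.
REAL_DEV_KEY = b"constructed-public-key-of-the-real-developer"
SQUATTER_KEY = b"constructed-public-key-of-a-name-squatter"
GENUINE_RELEASE = b"constructed genuine release bytes"
TAMPERED_RELEASE = b"constructed tampered release bytes"

# Hypothetical registry: the first registrant owns a name, so a squatter
# holds id/gavin and the real developer had to settle for id/gavin11.
REGISTRY = {
    "id/gavin": {"key_fpr": sha256_hex(SQUATTER_KEY),
                 "release_sha256": sha256_hex(TAMPERED_RELEASE)},
    "id/gavin11": {"key_fpr": sha256_hex(REAL_DEV_KEY),
                   "release_sha256": sha256_hex(GENUINE_RELEASE)},
}


def verify_by_name(registry, name, blob):
    """Trust whatever record sits under the name: integrity only, no identity."""
    record = registry.get(name)
    return record is not None and record["release_sha256"] == sha256_hex(blob)


def verify_pinned(registry, name, blob, pinned_fpr):
    """Also require the record's key to match a fingerprint checked out of band."""
    record = registry.get(name)
    if record is None or record["key_fpr"] != pinned_fpr:
        return False
    return record["release_sha256"] == sha256_hex(blob)


def demo():
    # Assumption: this fingerprint was validated separately (web of trust, in person).
    pinned = sha256_hex(REAL_DEV_KEY)
    return {
        "name_only_accepts_squatter": verify_by_name(REGISTRY, "id/gavin", TAMPERED_RELEASE),
        "pinned_rejects_squatter": not verify_pinned(REGISTRY, "id/gavin", TAMPERED_RELEASE, pinned),
        "pinned_accepts_real": verify_pinned(REGISTRY, "id/gavin11", GENUINE_RELEASE, pinned),
        "pinned_rejects_tampered": not verify_pinned(REGISTRY, "id/gavin11", TAMPERED_RELEASE, pinned),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(check, ok)
```

Once the fingerprint is pinned, the name lookup adds nothing to the trust decision, which is the point made in the post.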
virtualmaster
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
September 06, 2013, 12:14:11 PM
 #35

Everybody could check the authenticity of their files or expertise analysis published against the key on their Namecoin id id/gavin and id/bruce.
I hate to crap on someone's neat idea, but this sounds completely pointless. You need some way to know that these IDs are the right people, and that id/gavin isn't just some squatter and the real gavin isn't id/gavin11.  If you've solved that then you can just use the PGP signatures we already have.

Better, the PGP keys are connected to the PGP web of trust, so you do have a starting point to cold validate the keys at least as belonging to specific named people. 
Maybe you are right about the real names. So I changed them even if they are not so suggestive.

Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
Luckybit
Hero Member
*****
Offline Offline

Activity: 714
Merit: 510



View Profile
September 06, 2013, 02:14:12 PM
 #36

Suppose someone accidentally the whole dev team? Or suppose it is infiltrated? Or suppose they are bought off?

How should we as a community react? Probably fork right, but what fork? It is easy to imagine a dozen forks springing up before things stabilize. In a worst case they could be so weak, the original, comprised chain becomes the favored one, simply because it is easier to stick with the status quo.

Maybe we could benefit from a chain of command or something?

It's open source so it won't make much of a difference but it does mean an audit would be necessary and a complete rewrite.
crazy_rabbit
Legendary
*
Offline Offline

Activity: 1204
Merit: 1001


RUM AND CARROTS: A PIRATE LIFE FOR ME


View Profile
September 06, 2013, 02:55:21 PM
 #37

The US government intelligence agencies have been interested in Bitcoin for a number of years now. I'm sure if it's compromised, it's been compromised for awhile now.

That said, this is why it's important to be open source and make sure everyone is checking everything.

more or less retired.
TraderTimm
Legendary
*
Offline Offline

Activity: 2408
Merit: 1121



View Profile
September 06, 2013, 10:25:33 PM
 #38

In all seriousness though, I'd like to have a mechanism whereby if a core developer is approached by any gov't to compromise bitcoin, they have to resign - and announce that publicly, signing the message with the same pgp signature used to commit their changes to the Bitcoin codebase.

I know that the devs wouldn't just sit there if such a situation occurred, but I'd feel better knowing there was some kind of notification process to deal with it.

fortitudinem multis - catenum regit omnia
Rassah
Legendary
*
Offline Offline

Activity: 1680
Merit: 1035



View Profile WWW
September 10, 2013, 02:18:09 AM
 #39

In all seriousness though, I'd like to have a mechanism whereby if a core developer is approached by any gov't to compromise bitcoin, they have to resign - and announce that publicly, signing the message with the same pgp signature used to commit their changes to the Bitcoin codebase.

I know that the devs wouldn't just sit there if such a situation occurred, but I'd feel better knowing there was some kind of notification process to deal with it.


Good idea, but may be unnecessary, due to so many different devs working on different bitcoin clients. It'll be like someone from the gov asking a dev working on Ubuntu to compromise it. All other Ubuntu devs will notice, all other Linux devs that use Ubuntu code will notice, and all the dozens of other Linux distros will not even notice.
will1982
Member
**
Offline Offline

Activity: 122
Merit: 10



View Profile
September 10, 2013, 02:21:21 AM
 #40

I imagine that, if malicious, the compromisors (?) would push out an update to QT with a virus or a way to screw up the network