Mike Hearn, Foundation's Law & Policy Chair, is pushing blacklists right now

[Amitabh S]

Let Mike just keep quiet about this in public.
We haven't heard anything from law enforcement yet.  Wait until we hear from the panel in the upcoming Senate hearings.  If they suggest controls, then it will be time to consider options.  Otherwise, we have no need to implement a blacklist, redlist, or any other restriction.

Its called Bitcoin, not USAcoin.

[1713957728]

1713957728

[1713957728]

1713957728

[1713957728]

1713957728

[1713957728]

1713957728

[1713957728]

1713957728

[Quetzalcoatl_]

Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.

If I sell something and accept redlisted coins for it, then the bread crumb trail leads to me. I sure as hell wouldn't accept coins that could lead law enforcement to my doorstep, and nobody else wants law enforcement harassing them because they're suspected of being the person who illicitly gained the coins. Therefore, everyone will refuse to accept redlisted coins as soon as law enforcement starts getting search warrants against people who end up with them.

[coinft]

Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.

If I sell something and get redlisted coins for it, then the bread crumb trail leads to me. I sure as hell wouldn't accept coins that could lead law enforcement to my doorstep, and nobody else wants law enforcement harassing them because they're suspected of being illicitly gained. Therefore, everyone will refuse to accept redlisted coins as soon as law enforcement starts getting search warrants against people who end up with them.

To keep bitcoins fungible and valuable everyone with a stake in bitcoin should accept and redistribute tainted coins as much as possible, e.g. using CoinJoin. When everything is tainted, nothing is.

[Luckybit]

Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.

If I sell something and get redlisted coins for it, then the bread crumb trail leads to me. I sure as hell wouldn't accept coins that could lead law enforcement to my doorstep, and nobody else wants law enforcement harassing them because they're suspected of being illicitly gained. Therefore, everyone will refuse to accept redlisted coins as soon as law enforcement starts getting search warrants against people who end up with them.

To keep bitcoins fungible and valuable everyone with a stake in bitcoin should accept and redistribute tainted coins as much as possible, e.g. using CoinJoin. When everything is tainted, nothing is.

Don't underestimate the irrationality of the federal government. They could always then claim everyone using Bitcoins which are tainted are guilty of a crime and then force everyone to use freshly mined coins or coin which have been purchased in a clean way with KYC etc.

[Quetzalcoatl_]

On top of all that, if you do get a knock on your door, no matter how innocent you are, don't let them in if they don't have a warrant.

Whether they have a warrant or not, these days they will invariably be a SWAT team who will break down your door instead of knocking. Either you end up with your face on the floor and some asshole's knee in your back as they ransack your house, or you get machine gunned because one of them thought you might have had a gun. Either way, if you have a dog, it gets shot.

[Peter R]

you probably were doing something at least a little bit shady like buying BTC from an unregulated dealer you found on Craigslist or playing Satoshi Dice

Two consenting humans trading $ for BTC is shady??

There is something wrong with playing Satoshi Dice???

This outlines one problem with white/black/red lists.  They require moral judgements that are culture-dependent instead of universal.

[Aristoteles]

you probably were doing something at least a little bit shady like buying BTC from an unregulated dealer you found on Craigslist or playing Satoshi Dice

Two consenting humans trading $ for BTC is shady??

There is something wrong with playing Satoshi Dice???

This outlines the problem with white/black/red lists.  They require moral judgements that are culture-dependent instead of universal.

Exactly

[kjj]

The bottom line is that right now today, with no changes to anything, if you end up with coins bearing an interesting history, you take the risk of someone becoming interested in you.  You cannot prevent this risk.  You cannot mitigate it.  If you ditch the coins, you are still part of the chain, and you may get a knock on your door from people wondering how they came to you.

You can mitigate the risk. Don't accept coins from shady people, don't use bitcoins to break the law, and keep good records of all your transactions. The latter is required for tax purposes anyway, and is greatly facilitated by bitcoin as compared to cash.

If you run a business which sells to the public, then maybe you have to deal with shady people to some extent. In that case, not using bitcoins to break the law, and keeping good records of all your transactions, becomes even more important.

On top of all that, if you do get a knock on your door, no matter how innocent you are, don't let them in if they don't have a warrant.

I must've missed the "don't accept" button in the client that rejects unknown transactions.

Oh, wait...

Also, if the matter is serious enough, they won't be asking your permission to come in, and their only knock will leave your front door on the floor of your front hallway.  Please go read my first post in this thread.

We can't. But we can do what we can to protect privacy and security of the user. We can make all lists voluntary. Part of that means we have to keep pseudo-anonymity because without that anyone who doesn't like you from anywhere on the Internet could put you on a "scam" or "hack' list. Law enforcement is no better and they could target people for political reasons like with Aaron Swartz.

It turns out that privacy and security are hard.  I believe that a couple of guys are rotting in holding cells right now because they couldn't get privacy right, and they had very good reasons to try, what with every law enforcement agency in the world trying to find them and all.  And unless you are collecting bitcoins to swim through like Scrooge McDuck, there will always be a link back to you.

[Quetzalcoatl_]

Everyone in the jurisdiction where they're redlisted. Which almost certainly will not be everyone in the world. So all the owner of the hot potato has to do is trade their coins for clean ones in a country which doesn't support the redlist.

If you even have to do this in some jurisdictions, then Bitcoin has lost its fungibility, which is harmful to the value of all bitcoins in all countries.

[Peter R]

you probably were doing something at least a little bit shady like buying BTC from an unregulated dealer you found on Craigslist or playing Satoshi Dice

Two consenting humans trading $ for BTC is shady??

There is something wrong with playing Satoshi Dice???

This outlines one problem with white/black/red lists.  They require moral judgements that are culture-dependent instead of universal.

For the record, I agree with you, and that was kind of my point.

In fact, my very first comment in this thread was about how one big problem with white/black/red lists is that there's no universal agreement of what should be on the list. My tongue-in-cheek comment was something along the lines of "So we're making a redlist of stolen coins like the ones confiscated from DPR?"

It's difficult with such a long thread too see the full context of everyone's comments.

I really liked the example of DPR's stolen coins.  Indeed, some people will feel that taking someone's coins by force is significantly worse than providing a useful (albeit illegal) service to consenting individuals.  So there is really no sensible and universal way to black/white/red list.

[sushi]

How would you feel not if but when this happens to you?

You saved up about 1,000 BTC.  One day, a group of local police shows up on your door.  Mr Richy, we looked into  your BTC Transaction history and learned that you have 0.00001 BTC from the Pizza heist.  We are here to serve the search warrant to take all of your computers, smartphones, tablets and external drives and even the PS4 game unit.  Oh, by the way, we seized your BTC Wallet Address for further investigation.  We will let you know when you can claim your stuff back.  

(not to be mean, but please expect about a year or two of the wait.  By the way, we will send you a Tax Due Letter on your Total Bitcoin Value.  You can come up with all the transaction logs and may be able to claim some tax deduction, but you need to hire an accountant to do that.  Have a nice day!  Oh....  Sorry, that Toyota parked in front of your house, we are impounding that car because it appeares that you paid a portion of that car with the BTC Wallet that had a tainted BTC fro the Pizza Heist, so when you prove you didn't do the heist, you can come to the police station to get your car back, ut until then, your car is held by the POLICE.)

Oh, one more thing, we only accept cash for the impound fee from you because we seized your local bank account and the stock trading account and the retirement accounts because your wallet had the tainted BTC and therefore, we suspect you committed the financial crimes.  )

A week later, you'll get a few phone calls from the criminal defense lawers trying to sell you their service but ask for Cash or some discount via BTC.  You retain them with $25,000 USD.  3 months later you get everything released to you except the computers, tablets, cellphones and the hard drives.  By then attended a few court hearings and legal bill exceeded $80,000 USD.

After $150,000 USD later, you were offered a petty offense/crime deal for possessing the portion of the stolen coin.  2 years of probation/supervisory release.  Have to attend meetings, piss in the cups, blow in the tube every few days, work in the chain-gang for a few weeks.

A few years later, at your son's wedding reception, he apologize you for borrowing his BTC account to view some porn and he returned 0.1 BTC he used to pay for the porn site, he made enough BTC via ads clicking/BTC Faucent and paid him back with some interest.  Dad, than you for not giving me up to the police for borrowing your BTC for a few months.

------------------------------------------------

Or a mom with 3 little kids at a local Walmart buying some milk and cheese.  She sees and hear another young mother trying to buy food in the next cash register was short of $20.  Nice lady helps this poor mom, in return she was offered 0.1 BTC just for helping her out at the cash register.  Exchange the coins at the register via smartphones.

3 months later, big bangs go off in and outside of your home at 5:45AM in the quiet middle class neighborhood.  You could her dogs barking and loud voice saying Federal Agents/Police.  Someone is running into your bedroom while you are butt naked, ordering you to drop on the floor and hands above your head.  Male Officers pat you down and handcuffs you naked while your kids crying.  After everyone looked at you naked, you could hear them screaming where is the computers? (You don't own any computers & anything close to it would be just 1 Samsung Galaxy.)

You were receiving the child support or out-of-court agreed monthly child support via BTC from the father of 3 children.  Police takes your cellphones.  Seize your BTC Wallet Address, and you get charged associated with a 4.1 Millions Doller theft from one of the Chinese Exchange Market.  Police said 2 BTC you received last month from your EX was traced back to the Exchange Heist in Hong Kong and you were investigated for possessing and using the stolen BTC (RED LISTED BTC.)

May not happen this way, but just a thought...

[User705]

Coin Validation strikes to the heart of what Bitcoin is and that is who really owns your money/coins/assets.  The Bitcoin method which is anathema to the modern financial system requires no third party to validate your ownership rights.  It can be said that with such validation you don't truly own your money/coins/assets which benefits the current money controllers elite at the expense of users.  This proposal is a veiled attempt disguised as crime prevention to bring Bitcoin back down into the current system.  Not a surprise.  Bitcoin is either a monetary revolution or a ponzi trading card fad.  If it is a revolution then it is simply incompatible with the old system.  Jim Crow laws were separate but equal too.  I guess colored coins is an appropriate moniker then.

[domob]

Really scary what seems to be popping up lately ... with the "Coin Validation" crap and now this.  Makes me really glad I didn't join the foundation.  Really looking forward to Dark Wallet and mature CoinJoin implementations!

Besides all that, I really believe such systems wouldn't work; what if I had a "white-listed" address tied to my identity and bought some discouraged things or services with it?  "Oops, someone must have stolen my private key.  Didn't look at my saving wallet for some time, so thanks for pointing it out to me.  Really sorry for all the rest of my nice coins in there!  Damn hard to secure your system it seems."

[BigJohn]

Disclaimer: I don't know shit. I'm just a casual Bitcoin user.

It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?

[justusranvier]

It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?

That's not very good either since it breaks Bitcoin in a different way.

Satisfying the conditions of the appropriate script must always be both necessary and sufficient to spend an output.

[molecular]

molecular said:

Didn't you read what he proposed: you can wash your bills clean by registering your identity.

Mike said :

For instance, this process could be automated and also built into the wallet.

If the quotes are correct, and if molecular is correct, what does it mean?
That we'd have to upload ID and bills to errr... The Foundation ? for verification, before we can even use a wallet?

I should've said "coins" instead of "bills". I don't know how it could be automated, except maybe by using electronic ID like the german ID card that allows online identification of the slaves.

[molecular]

If the foundation chooses to support this idea, it will be the day when Bitcoin splits. In one way or another, there will be two different Bitcoin protocols, be it in the form of an altcoin or as a hard fork. I hope they make the right decision, which is obvious in my mind.

mikes idea is not acceptable of course. it will be interesting so see, what the devs of Litecoin will do...

What can they do?  There's not much anyone can do about things like this.  As Carlton has already pointed out, this isn't a protocol change.  Tracking coins and creating whitelists/blacklists/redlists/bluelists is possible and open for anyone to do due to bitcoin's (and all other cryptocoins) design.

Its different. If a average joe creates such a list on its server it doesnt matter. But if the bitcoin foundation changes the official wallet and shows tainted coins it will have a bad effect.

It doesn't matter who creates the list.  If the list is trusted by enough people, and governments mandate that businesses register or only accept from "verified" bitcoins on some approved list, then you get the same thing.  Again, it doesn't matter if everyone's complaining prevents the Foundation from implementing something like this, because there's really nothing that can be done to prevent somebody from doing it and from governments from legislating for it.

I agree we can't prevent governments / corporations from doing this. However putting support of this into bitcoin-qt would greatly accellerate acceptance of the scheme. Fear would make it work.

[molecular]

Advanced persistent threats can exist in any and every one of our computer systems. At any time a government can flip a switch and force us to pay some tax in Bitcoins?

No, they cannot.

And...

Have you been hit by a ransomware before?
Do you know anyone who have been?

Quit being paranoid. Ransomware did exist, still exist, and will exist. With no more power than they had before, provided you have a safe backup of your wallet.

So you're telling me that if each Bitcoin is worth $1 million dollars ransomware or other sophisticated malware and spyware wont be developed to target Bitcoin users? This isn't paranoia it's common sense. Governments may or may not have hit any of us already with advanced persistent threats. Do you think they'll tell us?

http://en.wikipedia.org/wiki/GhostNet

“Those who surrender freedom for security will not have, nor do they deserve, either one.”

[molecular]

So you're telling me that if each Bitcoin is worth $1 million dollars ransomware or other sophisticated malware and spyware wont be developed to target Bitcoin users? This isn't paranoia it's common sense. Governments may or may not have hit any of us already with advanced persistent threats. Do you think they'll tell us?

You're a persistent one.
I'm just telling you that ransomware will not magically become more efficient than it is now just because people acknowledge bitcoin being worth more than murrikan dollar.

Ransomware today is a pain. Ransomware tomorrow will be a pain. Ransomware won't be more dangerous tomorrow than it is today.
Your coins are safe as long as you have a backup+strong passphrase or cold wallets.
Just smile and go to sleep.

The answer to ransomware is tightening security and switching to opensource software, not fucking with Bitoin.

[molecular]

Mike's core concern, based on the thread on the Foundation forums, is that Cryptolocker is a serious problem, and because it's such a demonically simple way to extort cash from people, it's going to become a huge problem. There will be many, many copycats soon, and you get enough non-techies getting ripped off and having their first experience with bitcoin this way, and suddenly govs around the world become very hostile to bitcoin (vs barely caring about it, and figuring out how they feel about it as is the case now). And then (or perhaps before), you can kiss any hope of business acceptance of bitcoin (something we all dream of, I'd imagine, so that we can transact in bitcoin without having to resort to exchanges) goodbye.

Here's a thought - why don't people keep their virus definition files up to date? Microsoft deserves a huge amount of blame for leaving their OSes unprotected for such an incredibly long time, but windows 8 actually does include Microsoft Security Essentials for free.

Anyway, how many people have actually gotten the cryptlocker virus?  I think it's pretty unlikely that this will be anything more then a fringe thing affecting people who probably don't have any valuable files anyway, because they don't even know how to use their computer. A virus writer will have to be extremely selective in targeting people if they don't want their virus to end up in virus definition, which in turn means not very many people will be effected.  If they try to spread it all over the place it'll end up blocked everywhere, which in turn, again, means no one gets it.

I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him. It is a problem and it could become big. Unfortunately it also is a problem for Bitcoin (by association). The answer to this threat however, does certainly not lie in trying to render Bitcoin payment less attractive for those criminals. It lies in tightening your security and making regular backups... which you should do anyway.