Forking Blockchain for lost keys

[andy10000]

This is a newby question:

If Gox have lost the keys to their cold storage, would it be technically possible to fork the blockchain to move those coins to a new wallet with a known key?

Is it technically possible? Can it be done in a way that's secure?
What would bet the issues for the reputation and ethos of the bitcoin movement? Especially in the context that this is for 7% of the BTC economy, and not just Joe who lost 20bucks worth.

Thanks for explaining this to me.

[1715156157]

1715156157

[1715156157]

1715156157

[1715156157]

1715156157

[ivroer]

... would it be technically possible to fork the blockchain to move those coins to a new wallet with a known key?

Technically, yes.

What would bet the issues for the reputation and ethos of the bitcoin movement?

Really there are 2 possibilities here
1) Hardly anyone would notice or follow this "gox fork", thus Bitcoin would continue unaffected.
2) Mainstream media would pronounce Bitcoin "dead", again; "gox fork" would probably die off quickly, Bitcoin unaffected.

You probably want to refer to some of the other threads talking about this very issue:
https://bitcointalk.org/index.php?topic=492724.0
https://bitcointalk.org/index.php?topic=494140.0
https://bitcointalk.org/index.php?topic=488186.0
... and so on, use your search function.

[dreamspark]

Yes its possible.

Bitcoin would be dead.

[cr1776]

Yes its possible.

Bitcoin would be dead.

Bitcoin would be fine.  Goxcoin would be dead - we could stick a fork in it.   

[dexX7]

... would it be technically possible to fork the blockchain to move those coins to a new wallet with a known key?

Technically, yes.

I'll bite. How?

Injecting or changing whatever transaction would invalid the whole chain.

[andy10000]

I've heard this "bitcoin would die" but I don't understand why? Why would rescuing 7% of the coins be such sacrilege? Given that there are 127000 users that have lost coins.

[byt411]

I've heard this "bitcoin would die" but I don't understand why? Why would rescuing 7% of the coins be such sacrilege? Given that there are 127000 users that have lost coins.

Because once it happens, it will repeat itself. We cannot fork bitcoin multiple times just to save coins because a lot of people were stupid and stored their coins online. It is their own fault.

[cr1776]

I've heard this "bitcoin would die" but I don't understand why? Why would rescuing 7% of the coins be such sacrilege? Given that there are 127000 users that have lost coins.

Did you like the bank bailouts in 2008-2009? Bail-ins in Cyprus? Inflation eating away 50-70% of your purchasing power over the last 30-40 years?   If not, why recreate it with bitcoin?  

Either way, if this is a good idea, just do it.  Ditto for people who want an FBI-coin fork etc.  There will be plenty of other things people want a fork for.  It is open source software, fork the blockchain and fork the software to make this idea a reality. Perhaps enough people will agree, but discussing it does nothing to help these people. Delaying doesn't help them.

As an added bonus this will put to bed insanely dumb ideas about forking for good.

[grifferz]

I've heard this "bitcoin would die" but I don't understand why? Why would rescuing 7% of the coins be such sacrilege? Given that there are 127000 users that have lost coins.

It would unwind the thousands of transactions that have happened since then, then no one would do another transaction with this new "goxcoin" fork because they have seen that they can't rely on it staying spent.

But it wouldn't come to that because everyone would correctly realise that allowing goxcoin to exist would spell doom, so wouldn't mine it. Its momentary fork would die.

[BitcoinQTlol]

If this happened I will sell off my whole stash of coins that I keep in cold storage, the reason I have so many bitcoin in the first place is because it's irreversible, just cos u kept bitcoin in a exchange don't make the rest of us pay..

[Automatic]

... would it be technically possible to fork the blockchain to move those coins to a new wallet with a known key?

Technically, yes.

I'll bite. How?

Injecting or changing whatever transaction would invalid the whole chain.

Generate a longer chain fork starting from when MTGox lost their coins.

It'd require all the miners to agree on the change, though. Or, at-least 51% (Even at 51%, it wouldn't change over for a long time for the other 49%)

If this happened I will sell off my whole stash of coins that I keep in cold storage, the reason I have so many bitcoin in the first place is because it's irreversible, just cos u kept bitcoin in a exchange don't make the rest of us pay..

I completely agree, I'll drop my entire pool of bitcoins instantly. If pool miners (Honestly, that'll be who's choosing) decide that they have the right to change how the network works, the majority of people will jump off that pool, if it's successful, the majority of people would jump off BTC.

[wheatstone]

OP proposal is not possible, even with 51% of the mining power behind it.

As dexX7 correctly pointed out, without knowing the private keys to the transactions, any transaction of the coins to a new input would invalidate the block (and any subsequent blocks). No client would accept this invalid chain, regardless of length.

I'm not sure why this proposal has cropped up multiple times a day since the mtgox incident. One almost suspects that there is an ongoing influx of new users who are unaware of the forum's search function.

[alexeft]

just cos u kept bitcoin in a exchange don't make the rest of us pay..

+INFINITY!!!

[DeathAndTaxes]

OP proposal is not possible, even with 51% of the mining power behind it.

As dexX7 correctly pointed out, without knowing the private keys to the transactions, any transaction of the coins to a new input would invalidate the block (and any subsequent blocks). No client would accept this invalid chain, regardless of length.

I'm not sure why this proposal has cropped up multiple times a day since the mtgox incident. One almost suspects that there is an ongoing influx of new users who are unaware of the forum's search function.

It "can" be done, anything can be done.  The rules of the network are enforced by the client anyone can make any change they want to the network.  A miner could decide to make the block reward 1 million coins per block.  Technically it is brain dead easy to make these kinds of changes.  Change a couple lines of code, compile, and distribute.

You would create a fork of the network.  The real question is can you convince anyone to use this (or any other controversial change)?  My belief is no, or not is a large enough numbers to create a critical mass.  However nobody can stop anyone else from doing it, and it certainly "can" be done.  So those who want to do it, just go ahead and do it.  See how many people use this "gox-coin".

[ivroer]

... would it be technically possible to fork the blockchain to move those coins to a new wallet with a known key?

Technically, yes.

I'll bite. How?

Injecting or changing whatever transaction would invalid the whole chain.

I'll bite back 

Technically: Let's say hypothetically, based on the OP: Gox has lost private keys, they want to move the coins that are identified in specific public addresses.

1. Gox forks the source code, they code a special rule for block number 290304 that permits a specially crafted transaction where all the balances in the lost addresses can be spent to an address for which they hold the private key, e.g. 1LNWw6yCxkUmkhArb2Nf2MPw6vG7u5WG7q
2. Gox announces their source code and binaries, along with a plea for people to upgrade to the "new" version of Bitcoin (gox-coin)
3. At block 290304, Gox mines their bailout block. People that installed gox-coin will follow this fork in the blockchain. For everyone else, they ignore it and continue on the main Bitcoin blockchain.

It "can" be done, anything can be done.  The rules of the network are enforced by the client anyone can make any change they want to the network.  A miner could decide to make the block reward 1 million coins per block.  Technically it is brain dead easy to make these kinds of changes.  Change a couple lines of code, compile, and distribute.

You would create a fork of the network.  The real question is can you convince anyone to use this (or any other controversial change)?  My belief is no, or not is a large enough numbers to create a critical mass.  However nobody can stop anyone else from doing it, and it certainly "can" be done.  So those who want to do it, just go ahead and do it.  See how many people use this "gox-coin".

Credit where it's due, my answer is really just a messy rehash of this.

I don't think Gox would attempt a stunt like this, and anyone else's forking would be lost in the background noise.

[serje]

I really think someone should make a alt coin named gox coin with only 720.000 coins!

That way everyone who got goxxed can get their money back and it will be only up to them to keep their value!

I'm sure they will fail again!

[dreamspark]

It would be possible by creating a block number n and all miners agree to include this block. The only thing in this block would be a transaction to a new address and the destruction of the gox coins. So at an agreed time this would become the next block and miners would carry on mining the blocks after that.  This is obviously only if they are lost and the addressees known.

Its a terrible idea for obvious reasons and any one thinking this would be a positive for bitcoin clearly do not understand it.

[DeathAndTaxes]

It would be possible by creating a block number n and all miners agree to include this block. The only thing in this block would be a transaction to a new address and the destruction of the gox coins. So at an agreed time this would become the next block and miners would carry on mining the blocks after that.  This is obviously only if they are lost and the addressees known.

Its a terrible idea for obvious reasons and any one thinking this would be a positive for bitcoin clearly do not understand it.

All miners is not sufficient to change the Bitcoin protocol it requires all users, all existing clients to be upgraded.  Otherwise there is a fork and users will choose the one they want to use.

[Automatic]

OP proposal is not possible, even with 51% of the mining power behind it.

As dexX7 correctly pointed out, without knowing the private keys to the transactions, any transaction of the coins to a new input would invalidate the block (and any subsequent blocks). No client would accept this invalid chain, regardless of length.

I'm not sure why this proposal has cropped up multiple times a day since the mtgox incident. One almost suspects that there is an ongoing influx of new users who are unaware of the forum's search function.

K, any transactions based on the transactions of the gox BTC would be invalidated, but, any that weren't would just be just-as-valid.

Imagine we're on block 20, and, gox lost their coins on block 15, and, in block 15-20 five transactions occurred. Gox sent money from their controlled address to an unknown one (#16), the unknown address sent money to another unknown address (#17), some random user sent money to his friend (#18), his friend send money back to the random user (#19) and I donated some money to the EFF (#20).

If we go ahead and imagine all the miners said "Right, fuck everything after block fifteen, let's start again", they'd go back to block fifteen, GOX would have their coins, and, they'd just need to regenerate the blocks from there on, however, since they know about the five transactions, they could just pack it all into the first block, minus the gox ones, so:-

#16 is invalid, as, we don't want to do it (It's where gox loses their money)
#17 is invalid because it relies on #16
#18 is still valid, so, drop that in the first block
#19 is still valid, so, also drop that in the first block
#20 is still valid, so, also drop that final one into the first block.

Grand, now we're 16 blocks deep, and, we're still valid, with MTGox keeping their money. Now all we have to do is generate five more ($chainOne.length - $chainTwo.length + 1) blocks before the miners mining the first chain mine one, and, all nodes would jump to us as we're the longest chain, and, also a valid chain.


...at-least, that's my understanding.

It would be possible by creating a block number n and all miners agree to include this block. The only thing in this block would be a transaction to a new address and the destruction of the gox coins. So at an agreed time this would become the next block and miners would carry on mining the blocks after that.  This is obviously only if they are lost and the addressees known.

Its a terrible idea for obvious reasons and any one thinking this would be a positive for bitcoin clearly do not understand it.

All miners is not sufficient to change the Bitcoin protocol it requires all users, all existing clients to be upgraded.  Otherwise there is a fork and users will choose the one they want to use.

Users can choose, but, unless it faults the checkpoint system that bitcoin has in place (here's a list), then, by default, bitcoin-qt/bitcoind will auto-jump to the longest, valid, chain. In this case, assuming miners can generate a longer, valid (But ignoring gox's transaction), chain before the miners on the current chain can extend it, then, we'd all auto-jump and orphan the other blocks.

EDIT:- Source to back me up:-
https://github.com/bitcoin/bitcoin/blob/f60e49d49c72908356d70d05ae30c6e63be2192d/src/main.cpp#L2001-L2005

I admit, I didn't just read the entire bitcoin source, so, I'm going mainly off comments & function names.

[embicoin]

This 7% of all bitcoins must be a cost for the lesson, that will remain forever. No forks, no nothing. If mtgox manages to recover the coins, congratulations. If they can't, then the law must decide.
Everything else from that is wrong from the basis.