Bitcoin Forum
Author Topic: On reversible transactions  (Read 527 times)
deisik (OP)
February 04, 2019, 04:23:52 PM
Merited by ABCbits (1)
 #1

We all know that hacks and thefts are following Bitcoin (as well as other cryptocurrencies, for that matter) and its users like a plague, so I was thinking about solving this issue once and for all. Long story short, we need to implement two things described in detail below

First, we should create "frozen" or lockable addresses, i.e. addresses which will be locked for a specified amount of time on the protocol level by setting a special variable that will be our countdown timer. After it runs out the address gets unlocked and you can move your coins freely. That would essentially mean that no one including the owner of the keys will be able to move these coins anywhere until the specified amount of time runs out, thereby efficiently and effectively preventing hacks and thefts during that time. As an extension to this basic feature, it could be beneficial to create a white list of addresses where the coins can be sent to during this lock time

Second, we should make some transactions reversible, but please don't attack me before you actually hear me out. It is most certainly not what you think it is. This feature should allow a transaction to expire (i.e. be reversed) unless the payee (i.e. the person you pay to and who is to receive the money) confirms it from their side. This is how many online payment systems work (e.g. Yandex.Money). Basically, you send money to someone but they won't be able to receive it without a protection code which you send them separately (or tell in person). Thus, if no code is provided on time, the transaction gets canceled. Essentially the same thing can and should be implemented in Bitcoin

So if you find these proposals interesting or even if you find them disgusting, feel free to comment below

"With e-currency based on cryptographic proof, without the need to trust a third party middleman, money can be secure and transactions effortless." -- Satoshi
HODL2090
February 04, 2019, 04:34:39 PM
 #2

We all know that hacks and thefts are following Bitcoin (as well as other cryptocurrencies, for that matter) and its users like a plague

Hacks and thefts follow every financial technology or system, as far as there is a prospect of acquiring the funds and assets of others.

First, we should create "frozen" or lockable addresses

Most hacks happen over the secondary market, mostly centralized exchanges. The chances of a wallet address getting hacked are very low; you can secure it further by using a hardware wallet.
deisik (OP)
February 04, 2019, 04:44:05 PM
 #3

Your second idea would need quite the change and all the wallets to update with it as soon as it goes live or tons of theft would happen, help a ton would happen due to unknowing users. This doesn't seem like an easy thing to implement without thieves going wild

How come really?

We should just increase a version number (or how it is called correctly), so that you don't really need to update existing addresses at all. In this way, only newer addresses will be able to use this feature. In other words, legacy addresses should just ignore it. Basically, this is how scalable and compatible systems are built where you can add new features without affecting the existing feature set in a negative or dangerous way (like you mean it)

audaciousbeing
February 04, 2019, 04:44:33 PM
 #4

From what I have seen here on the recommendations you made, it's something I would call an Escrow system which is something already in place and what is applicable in most peer to peer sites that they create a form of timing for transactions between two people and you are equally allowed to open a trade dispute should in case you are not comfortable with the trade.

On the other option of making transaction reversible, how that would be possible is what I can't get my head around except the entire bitcoin or crypto is reconfigured to make this option possible other than that, I fear we might have to do with what we currently have and continue to protect ourselves in the face of people who are bent on ripping us off.
deisik (OP)
February 04, 2019, 05:05:00 PM
 #5

From what I have seen here on the recommendations you made, it's something I would call an Escrow system which is something already in place and what is applicable in most peer to peer sites that they create a form of timing for transactions between two people and you are equally allowed to open a trade dispute should in case you are not comfortable with the trade

Probably yes (as I don't know how the system you refer to actually works)

But what I suggest should be done on the protocol level. This feature will also prevent you from sending your coins to a wrong address by mistake. If you make such a mistake, whether the receiving address actually exists or not won't matter as your coins will come back to you after the grace period is over. Honestly, I don't understand why we don't have such a system already implemented

On the other option of making transaction reversible, how that would be possible is what I can't get my head around except the entire bitcoin or crypto is reconfigured to make this option possible other than that, I fear we might have to do with what we currently have and continue to protect ourselves in the face of people who are bent on ripping us off

But how are other systems upgraded? If Bitcoin doesn't allow such upgrades being made in a safe and reliable way, it pretty much means that it is poorly designed, and we need to redesign it (while it is still officially in beta)

vit05
February 04, 2019, 05:20:07 PM
 #6

What is the difference between your suggestion and using OP_CHECKLOCKTIMEVERIFY (OP_HODL)?

Or using Hashed Timelock Contracts (HTLCs)?


 This feature should allow a transaction to expire (i.e. be reversed) unless the payee (i.e. the person you pay to and who is to receive the money) confirms it from their side.

So it would need to pay 2 times the fee?
deisik (OP)
February 04, 2019, 05:38:46 PM
 #7

What is the difference between your suggestion and using OP_CHECKLOCKTIMEVERIFY (OP_HODL)?

Or using Hashed Timelock Contracts (HTLCs)?

I will look into that later (as I'm not very familiar with Bitcoin's opcodes)

This feature should allow a transaction to expire (i.e. be reversed) unless the payee (i.e. the person you pay to and who is to receive the money) confirms it from their side.

So it would need to pay 2 times the fee?

I don't really know

But it doesn't matter as this feature should be optional anyway and it is certainly worth the money, i.e. fee paid first by the payer (as usual) and then probably by the payee (or by the payer alone). Just imagine how many people lost their coins when they sent them to a non-existent address and then imagine how many are still going to lose their coins in the future. In simple terms, we have to literally pay for the lack of a feature which should have been in Bitcoin right from the start. Some things seem to be too obvious to be actually done

franky1
February 04, 2019, 07:00:37 PM
 #8

We all know that hacks and thefts are following Bitcoin (as well as other cryptocurrencies, for that matter) and its users like a plague, so I was thinking about solving this issue once and for all. Long story short, we need to implement two things described in detail below

First, we should create "frozen" or lockable addresses, i.e. addresses which will be locked for a specified amount of time on the protocol level by setting a special variable that will be our countdown timer. After it runs out the address gets unlocked and you can move your coins freely. That would essentially mean that no one including the owner of the keys will be able to move these coins anywhere until the specified amount of time runs out, thereby efficiently and effectively preventing hacks and thefts during that time. As an extension to this basic feature, it could be beneficial to create a white list of addresses where the coins can be sent to during this lock time

Second, we should make some transactions reversible, but please don't attack me before you actually hear me out. It is most certainly not what you think it is. This feature should allow a transaction to expire (i.e. be reversed) unless the payee (i.e. the person you pay to and who is to receive the money) confirms it from their side. This is how many online payment systems work (e.g. Yandex.Money). Basically, you send money to someone but they won't be able to receive it without a protection code which you send them separately (or tell in person). Thus, if no code is provided on time, the transaction gets canceled. Essentially the same thing can and should be implemented in Bitcoin

So if you find these proposals interesting or even if you find them disgusting, feel free to comment below

both things are possible now
but lets deal with the second one

imagine you set up a 1-of-2 multisig (only one signer is needed)
you pay into that address and if the recipient then does not move the funds out of the multisig within a timescale you can then spend them back to yourself

no protocol changes are needed to do this

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
pussyhunter6969
February 04, 2019, 07:19:03 PM
 #9

1. There are already freezing balance tricks on bitcoin blockchain, technically every transaction you make contains an include in block chain field, which makes sure that you can lock the transaction.

can be done on any modern advance wallet

2.  reversible or party confirming transaction would cripple the SDK running on bitcoin, this removes the very concept of blockchain, the mempool will be clogged with unaccepted transactions, if every needed to be accepted the coin base generation can be manipulated, and the whole Benefit of FEE BUMP +  CPFP will be useless, but the way which was the point of conflict between BCH & BTC fork.

use multisig mode on electrum wallet for 2. it does what you are looking for

deisik (OP)
February 04, 2019, 07:21:01 PM
 #10

but lets deal with the second one

imagine you set up a 1-of-2 multisig (only one signer is needed)
you pay into that address and if the recipient then does not move the funds out of the multisig within a timescale you can then spend them back to yourself

This is a very clumsy setup

Why would I need to share my private key with someone else as this is what a multisig is about as far as I understand it? I don't know if I'm using the correct terminology here but I hope you get the point. I just want to send somebody a few coins from my wallet (read, address) who I may not even know, and make sure that the coins don't get lost or stolen in the process. So how does a 1-of-2 multisig help me in any meaningful way here?

89squad
February 04, 2019, 07:35:02 PM
 #11

Have you heard the saying: "If a programmer makes an easy interface, nature will make a stupid user"? This is exactly the case. Most abductions occur through Social Engineering.
franky1
February 04, 2019, 07:47:46 PM
Merited by ABCbits (1)
 #12

but lets deal with the second one

imagine you set up a 1-of-2 multisig (only one signer is needed)
you pay into that address and if the recipient then does not move the funds out of the multisig within a timescale you can then spend them back to yourself

This is a very clumsy setup

Why would I need to share my private key with someone else as this is what a multisig is about as far as I understand it? I don't know if I'm using the correct terminology here but I hope you get the point. I just want to send somebody a few coins from my wallet (read, address) who I may not even know, and make sure that the coins don't get lost or stolen in the process. So how does a 1-of-2 multisig help me in any meaningful way here?

you don't need to share a private key..
that's what multisig is about.

in simple terms you have a private key.. the recipient has a private key.
you both only provide the PUBLIC key of each. and a multisig is an address that allows any of those to spend the funds within it.
meaning you don't get to know the recipient's private key and he doesn't get to know yours. it just allows more than one spender to spend independently without giving away private keys

you get to also stipulate how many people are needed to spend. hence a 1 of 2 means out of 2 chosen people only one is needed to spend the funds. thus allowing equal opportunity to spend the funds. thus if the recipient does not spend it, you can get it back

the result is exactly what you want. funds are put into an address which you or the recipient can then claim.. EG the recipient can claim or you can claim(refund)

byebyehi
February 04, 2019, 08:15:50 PM
 #13

There is already a solution to this problem: Use banks/paypal/USD

If you can't handle security for your cryptocurrency you shouldn't own any.
deisik (OP)
February 04, 2019, 08:24:34 PM
 #14

First, we should create "frozen" or lockable addresses

Most hacks happen over the secondary market, mostly centralized exchanges. The chances of a wallet address getting hacked are very low; you can secure it further by using a hardware wallet

And what does it change?

Centralized exchanges hold most of their funds in cold wallets anyway, so keeping such wallets locked with a forward timer (say, set for 1 hour) will prevent these hacks from happening. On the flip side, though, there is another catch here. For example, it becomes known that the keys have been compromised, but the hacker can't steal the coins as it has a timer counting. So how can a legitimate owner claim his coins and not let the hacker claim them before him? That's an interesting implication which I didn't think of when starting this thread

you get to also stipulate how many people are needed to spend. hence a 1 of 2 means out of 2 chosen people only one is needed to spend the funds. thus allowing equal opportunity to spend the funds. thus if the recipient does not spend it, you can get it back

the result is exactly what you want. funds are put into an address which you or the recipient can then claim.. EG the recipient can claim or you can claim(refund)

Okay, I will look into it. Can I set a timeout with this approach, i.e. when the recipient doesn't claim the coins after a specified amount of time, can I claim them back?

What you're asking for is Centralization.
An overseer to decide what is allowed and not allowed

Blockchain is that overseer. It decides what is allowed and what not

franky1
February 04, 2019, 08:46:23 PM
 #15

Okay, I will look into it. Can I set a timeout with this approach, i.e. when the recipient doesn't claim the coins after a specified amount of time, can I claim them back?

yes. you can for instance use the same time locks that LN uses (without needing to use LN) so that you stipulate that you, yourself cannot touch the funds for X time (allowing the other person to spend within the time without fear that you are fake paying them by you claiming as soon as it confirms) thus giving them time to spend it

there are other options too

What you're asking for is Centralization.
An overseer to decide what is allowed and not allowed

changing the network to make all addresses behave in a certain manner that allows confirmed transactions to become unconfirmed. or to allow people to double spend is bad. but i don't think that's what the OP is asking for.
instead voluntarily putting funds into a multisig which 2 people volunteer to use as their escrow between themselves. where the 2 parties are the deciders. then that is an option that is available now without network changes needed and not causing centralisation.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
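
The arrangement described in the post above (the recipient can spend at once, the sender can take the coins back only after a delay), written as a two-branch script with OP_CHECKLOCKTIMEVERIFY rather than OP_CHECKMULTISIG, with a toy evaluator for its spend rules. This is an added example, not code from any poster or from Bitcoin Core; signatures are simulated, and the key names and the height 560000 are constructed.

```python
# Added illustration, not consensus code: a toy evaluator for the spend
# rules of a "recipient now, sender refund later" output.
from dataclasses import dataclass

LOCKTIME_THRESHOLD = 500_000_000  # BIP65: below = block height, else unix time
SEQUENCE_FINAL = 0xFFFFFFFF       # an input with this nSequence opts out of nLockTime

@dataclass
class Spend:
    """The parts of a spending transaction that the script can observe."""
    witness: list                 # items supplied by the spender, bottom first
    lock_time: int = 0            # nLockTime of the spending transaction
    sequence: int = 0xFFFFFFFE    # nSequence of the spending input

def refundable_payment(recipient, sender, refund_height):
    """Recipient may spend at once; sender only after refund_height."""
    return ["OP_IF", recipient, "OP_CHECKSIG",
            "OP_ELSE", refund_height, "OP_CHECKLOCKTIMEVERIFY", "OP_DROP",
            sender, "OP_CHECKSIG", "OP_ENDIF"]

def sign(key_name):
    """Stand-in for a real ECDSA signature by the holder of key_name."""
    return ("sig", key_name)

def cltv_ok(required, spend):
    """The checks OP_CHECKLOCKTIMEVERIFY makes (BIP65)."""
    if required < 0 or required > spend.lock_time:
        return False              # tx does not commit to waiting long enough
    if (required < LOCKTIME_THRESHOLD) != (spend.lock_time < LOCKTIME_THRESHOLD):
        return False              # a height compared against a timestamp
    return spend.sequence != SEQUENCE_FINAL

def run(script, spend):
    """Evaluate the script against a spend; True if the spend satisfies it."""
    stack, executing = list(spend.witness), []   # one flag per open OP_IF
    try:
        for op in script:
            live = all(executing)
            if op == "OP_IF":
                executing.append(bool(stack.pop()) if live else False)
            elif op == "OP_ELSE":
                executing[-1] = not executing[-1]
            elif op == "OP_ENDIF":
                executing.pop()
            elif not live:
                continue                         # inside the branch not taken
            elif op == "OP_CHECKLOCKTIMEVERIFY":
                if not cltv_ok(stack[-1], spend):
                    return False                 # CLTV aborts, it does not pop
            elif op == "OP_DROP":
                stack.pop()
            elif op == "OP_CHECKSIG":
                pubkey, sig = stack.pop(), stack.pop()
                stack.append(sig == ("sig", pubkey))
            else:
                stack.append(op)                 # data push (key or number)
    except IndexError:
        return False                             # spender supplied too few items
    return not executing and bool(stack) and bool(stack[-1])

def accepted(script, spend, block_height):
    """Script passes and a height-based nLockTime allows this block (simplified)."""
    return run(script, spend) and spend.lock_time < block_height

# Constructed sample values: key names and heights are made up.
SCRIPT = refundable_payment("recipient", "sender", refund_height=560_000)
CLAIM = Spend(witness=[sign("recipient"), 1])                 # 1 selects OP_IF
EARLY_REFUND = Spend(witness=[sign("sender"), 0], lock_time=559_000)
REFUND = Spend(witness=[sign("sender"), 0], lock_time=560_000)

if __name__ == "__main__":
    print("recipient claims at 559000:", accepted(SCRIPT, CLAIM, 559_000))
    print("sender refunds early:      ", accepted(SCRIPT, EARLY_REFUND, 559_500))
    print("sender refunds at 560001:  ", accepted(SCRIPT, REFUND, 560_001))
```

Neither party learns the other's private key, and once the refund height has passed both branches are spendable, so the recipient has to claim before then.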
tenakha
February 04, 2019, 08:58:17 PM
 #16

First, we should create "frozen" or lockable addresses, i.e. addresses which will be locked for a specified amount of time on the protocol level by setting a special variable that will be our countdown timer. After it runs out the address gets unlocked and you can move your coins freely.
Personally, I always follow the situation and when I think the time is right for entering then I get. Well what will happen to this countdown if the price in this period becomes as I wish? It is like taking over management. Anyway even if there is any solution, it will be hacked or stolen. There is no escape from something online, unless you are awake.
deisik (OP)
February 04, 2019, 08:58:33 PM
 #17

Okay, I will look into it. Can I set a timeout with this approach, i.e. when the recipient doesn't claim the coins after a specified amount of time, can I claim them back?

yes. you can for instance use the same time locks that LN uses (without needing to use LN) so that you stipulate that you, yourself cannot touch the funds for X time (allowing the other person to spend within the time without fear that you are fake paying them by you claiming as soon as it confirms) thus giving them time to spend it

there are other options too

Okay then, probably it is exactly what I wanted to see in Bitcoin, though done in a different way (maybe, even in a more flexible way). So how can we prevent coins from being sent to a non-existent address? Well, not actually prevent them from being sent but rather being able to claim them back?

Perhaps, adding a variable (a timer) that would allow to claim the coins back if they don't get spent?

What you're asking for is Centralization.
An overseer to decide what is allowed and not allowed

changing the network to make all addresses behave in a certain manner that allows confirmed transactions to become unconfirmed. or to allow people to double spend is bad. but i don't think that's what the OP is asking for

Funny, taking into account that I specifically pointed out in the OP that people should not attack me without first trying to understand what I actually wanted to suggest (and they still failed me):

Second, we should make some transactions reversible, but please don't attack me before you actually hear me out. It is most certainly not what you think it is

Obviously, I didn't mean that all transactions should be made reversible. And maybe a 1-of-2 multisig is the right way to go with my proposal, after all

bartolo
February 04, 2019, 09:09:23 PM
 #18

On the flip side, though, there is another catch here. For example, it becomes known that the keys have been compromised, but the hacker can't steal the coins as it has a timer counting. So how can a legitimate owner claim his coins and not let the hacker claim them before him? That's an interesting implication which I didn't think of when starting this thread

I think there would be no way to do that. Once the countdown ended, they both would try to send the coins to another address at the same time, so the only way the legitimate owner could keep his coins would be by spending a higher fee than the hacker and being lucky.
ePesoInitiative
February 04, 2019, 09:23:33 PM
 #19

But what I suggest should be done on the protocol level. This feature will also prevent you from sending your coins to a wrong address by mistake. If you make such a mistake, whether the receiving address actually exists or not won't matter as your coins will come back to you after the grace period is over. Honestly, I don't understand why we don't have such a system already implemented


This can be done by Smart Contracts I believe. The contract will keep the sent coins locked for a grace period unless the recipient sends a confirmation TX. No confirmation after a time, the coins will return to the sendee.

deisik (OP)
February 04, 2019, 09:33:01 PM
 #20

On the flip side, though, there is another catch here. For example, it becomes known that the keys have been compromised, but the hacker can't steal the coins as it has a timer counting. So how can a legitimate owner claim his coins and not let the hacker claim them before him? That's an interesting implication which I didn't think of when starting this thread

I think there would be no way to do that. Once the countdown ended, they both would try to send the coins to another address at the same time, so the only way the legitimate owner could keep his coins would be by spending a higher fee than the hacker and being lucky

That's what I think myself

However, there can be a way out, something like a fallback plan. For example, you can also add an encrypted variable with a password known only to you, which you set at the moment you lock the address. It would allow you to stop the timer prematurely and thus claim the coins back immediately. I know you are going to say that it can be stolen too, but it is a one-off variable which is used only to stop the timer, so you don't need to save it anywhere but in your head only (read, it is not the same as your private key)
