The Hack and The Rollback

[NeuroticFish]

Now, there is this talk about the "rollback" which can possibly reverse the 7,000 BTC transfer

The talk has happened yesterday and the idea was abandoned.

Only somebody with insufficient knowledge of Bitcoin could come up with such ideas. OK, Binance has its connections, but it was proven to not be enough to pull a 51% / fork. Luckily. Because it would have been costly and would have done more harm than benefit even to Binance. And why? As somebody else said, 7000BTC is probably peanuts for Binance, maybe there are other such transactions too they didn't disclose? I hope not.

[antisocial77]

All markets should upgrade their security first.if binance or anothet market try to rollback, it cause serious trust problem to crypto which they dont want in the first place

[xtraelv]

--snip--
My question is this: Can't this transaction be followed and given a close monitor? Until it gets a point where they would want to discharge as in convert to fiat or spending, and authorities get to freeze the account? do you also think there is a future plan to arresting this hugly situation to ensure greater confidence in the future? Thanks a lot.

Yes and No.
Bitcoin is pseudo-anonymous. IF the hackers just keep on funding their own wallets on the bitcoin network, it's defenately possible to keep tracking untill they deposit funds on an exchange or a P2P marketplace and arrest them when they exchange their stolen funds for fiat.

HOWEVER... There are countless "tricks" that can be used to break the connection between 2 wallets. If you combine a couple of these tricks it becomes virtually impossible to keep tracking.

For example:

• The use of mixers
• Coinjoin
• Depositing and withdrawing from casino's
• Exchanging BTC to a privacy coin (like monero), moving the funds around a bit, then exchaning back

I agree there are countless of ways to launder the funds. But there will be huge hurdles for them.

The bitcoin is being tracked in real time.

Any large amounts are hard to exchange without KYC and depositing a large amount of hacked funds on a mixing service or casino will draw massive attention on the mixing service or casino. It may also attract attention of law enforcement who will go after the service as well as the hacker (Like with BTCe).

Exchanging large amounts into other crypto will also draw attention to the hackers. Since it cannot be exchanged on exchanges that require KYC or that might seize the stolen funds there will be limited places where it can be discreetly exchanged. This is where any volume will give it away. There are not many places where you can exchange 40 million without being noticed.

It is more likely that the hacker will patiently sit on the funds and not withdraw it for years.

[traderethereum]

The only solution to prevent the major hack is by making high-level security in every exchange, and they need always to watch the suspicious activity that might happen in the exchange.
Besides that, they need to stay alert from the attacking that always comes to them as the big exchange because they are a good target to be attacked.
They need to build a team to handle the security on their website, so they will know if something not right is happen.
There a lot of things that they need to fix related to the security for their website and it's not easy but I am sure that binance will handle with care.

[mocacinno]

I agree there are countless of ways to launder the funds. But there will be huge hurdles for them.

The bitcoin is being tracked in real time.

Any large amounts are hard to exchange without KYC and depositing a large amount of hacked funds on a mixing service or casino will draw massive attention on the mixing service or casino. It may also attract attention of law enforcement who will go after the service as well as the hacker (Like with BTCe).

Exchanging large amounts into other crypto will also draw attention to the hackers. Since it cannot be exchanged on exchanges that require KYC or that might seize the stolen funds there will be limited places where it can be discreetly exchanges. This is where any volume will give it away.

It is more likely that the hacker will patiently sit on the funds and not withdraw it for years.

There's a big chance you're right and the thieves do not exchange the stolen funds for fiat for many years... That being said, i'm pretty sure i'd be able to completely "wash" 7000 BTC if i'd had a couple of months and was allowed to "lose" 10-20% on various fees. It's basically a matter of splitting up those huge outputs in smaller chunks, then wash them by using multiple different techniques and services on each of those chunks whilst always using a combination of privacy techniques to make sure you never get your real ip or other digital fingerprint recorded on any of the services you use to "clean" your illgotten gains.

I do realise you'd really have to have a welldrawn plan in order to make the washing seem completely random so nobody can just start analysing the blockchain and pinpoint you... And if you do slipup you'll probably end up in jail... But i don't think it's impossible if you keep your focus and know what you're doing.

Disclaimer: Eventough i'm pretty sure i'd be able to do this, i'm not offering my services to anybody... If you contact me to help you clean stolen funds, i'll probably report you to the authorities...

[DooMAD]

It's fortunate that the reality-check sunk in pretty quickly, so they only looked foolish for a short period of time.  I don't know why they briefly thought highly enough of themselves to entertain the absurd notion than anyone else would carry the burden of tidying up their mess for them.  I can't even begin to imagine a situation where the majority of users in a decentralised crytocurrency would willingly sacrifice the immutability of their blockchain to rescue a centralised company who dropped the ball.

[_Django05_]

Now, there is this talk about the "rollback" which can possibly reverse the 7,000 BTC transfer. This is considered to be conroversial since we don't know the possible consequences and there is the need to get the support of at least 51% of miners.

I don't think many would agree with this. If we do a roll-back, then every legit transaction will be invalidated as well, not just the 7K hacked bitcoin.
ETH did this back then when DAO was hacked and looked at what happened. Remember MTGox? Bitcoin didn't roll-back back then and neither this time.

[BrewMaster]

Am I the only one who's pissed that they even suggested this?
I mean, the audacity they have to even make a suggestion like that prompted me to instantly delete my account at Binance.

i got pissed at first but then it only makes me chuckle because when i read their statements about the "roll back" and the way they talk about it, it is clear that they have big delusions about their power over bitcoin
it seems like they think just because they run a centralized altcoin exchange with big volume it means they have a "button" which they can push and change the course of bitcoin as they like... lol

[AndreyVen]

No doubt it would have created a clean fork, chain split in two. Between the two camps, the immutable absolutist and the naive realists.

Exactly how it unfolded for ETH and ETC. They must have forgotten the damage that fork caused to ETH. They lost a good chunk of the community there and gave up a core philosophy.

[figmentofmyass]

It's fortunate that the reality-check sunk in pretty quickly, so they only looked foolish for a short period of time.  I don't know why they briefly thought highly enough of themselves to entertain the absurd notion than anyone else would carry the burden of tidying up their mess for them.  I can't even begin to imagine a situation where the majority of users in a decentralised crytocurrency would willingly sacrifice the immutability of their blockchain to rescue a centralised company who dropped the ball.

the majority of users would have nothing to do with it. it wouldn't have been a fork, just a block reorg. it's two valid branches, one of which gets orphaned. it would have only been between binance and the miners because the only way to incentive miners would be to donate some/most of the hacked coins to them. users wouldn't have been affected and in fact, miners don't need user permission to reorg the chain because it's compatible with the protocol. it's literally how bitcoin works. this is purely a matter of miner financial incentives.

bitcoin is not immutable. that has nothing to do with forks or users. it has to do with miners and it's the reason why we don't consider transactions with low/no confirmations secure.

people keep comparing this idea to the DAO fork but that analogy is horribly inaccurate. a lot of reactions i'm seeing show that many people don't understand bitcoin and how its incentives were designed to work. bitcoin is not here to bow to anyone's misguided views about what bitcoin should be. bitcoin is amoral. bitcoin is permissionless. bitcoin is. people need to stop thrusting their bullshit morality on free markets. it's obvious that a lot of people don't like how bitcoin works because the proposed reorg would have been 100% compatible with the protocol.

it seems like they think just because they run a centralized altcoin exchange with big volume it means they have a "button" which they can push and change the course of bitcoin as they like... lol

i don't think CZ said anything like that at all. there was no button to push, just up to 7k BTC to offer miners if a strong majority were willing to reorg the chain.

i read the threads and watched the AMA and i think people are being too hard on CZ out of ignorance. a bitcoin dev (jeremy rubin) and some others suggested the idea, CZ was totally ignorant about it like it had never crossed his mind, and then he made the horrible, tragic, unforgivable mistake of publicly mentioning that there was a discussion about it.

people in this space are like angry mobs with torches and pitchforks......

[marycrazy08]

I am glad that binance didnt pursue rollback, otherwise it will have a bad remarks in blockchain technology.

But i think, the safe  thing to do now is for people to make sure they store their assets in their own wallet or cold storage.

[zbig001]

the majority of users would have nothing to do with it. it wouldn't have been a fork, just a block reorg. it's two valid branches, one of which gets orphaned. it would have only been between binance and the miners because the only way to incentive miners would be to donate some/most of the hacked coins to them. users wouldn't have been affected and in fact, miners don't need user permission to reorg the chain because it's compatible with the protocol. it's literally how bitcoin works. this is purely a matter of miner financial incentives.

It seems to me, however, that the miners would be able to comprehend that consent to such a reorg would mean only a narrow peak on their income charts, followed by a vast depression.

Some of the miners and practically the entire developer community would not have decided to mine from the orphaned chain after such incident and develop that currency further?
The previous chain would have been without developers and would quickly become incompatible.

[gentlemand]

it's obvious that a lot of people don't like how bitcoin works because the proposed reorg would have been 100% compatible with the protocol.

It might end up chugging reasonably eventually. In the meantime the entire space would tear itself to shreds.

i read the threads and watched the AMA and i think people are being too hard on CZ out of ignorance. a bitcoin dev (jeremy rubin) and some others suggested the idea, CZ was totally ignorant about it like it had never crossed his mind, and then he made the horrible, tragic, unforgivable mistake of publicly mentioning that there was a discussion about it.

Summary from Peter Wuille here on how it might play out.

https://bitcoin.stackexchange.com/questions/87652/51-attack-apparently-very-easy-refering-to-czs-rollback-btc-chain-how-t/87655#87655

I think the incredulity is more to do with someone in that position entertaining an idea that almost anyone else would quash without voicing. It speaks of either - lack of education, stupidity or hubris. After this I hope his power dwindles rather than grows more than ever.  

[Ucy]

This is an interesting one. I was a bit confused when the roll back suggestions was made due to some of the great points listed here. And I thought bitcoin was alot vulnerable if transaction was that easy to rollback.
 
The most satisfying part of your points is that it will cost more than was lost to do the roll back...
Do you think a roll back would be reasonable or would be an option if the lost amount was very large, like a billion dollar?  And what if people who are affected by the roll back are compensated from the recovered fund?

[Altero]

This is an interesting one. I was a bit confused when the roll back suggestions was made due to some of the great points listed here. And I thought bitcoin was alot vulnerable if transaction was that easy to rollback.
 
The most satisfying part of your points is that it will cost more than was lost to do the roll back...
Do you think a roll back would be reasonable or would be an option if the lost amount was very large, like a billion dollar?  And what if people who are affected by the roll back are compensated from the recovered fund?

Not the only bitcoin will possibly do the rollback in case but with the entire marker as well. But we never think that we experience rollback after this short pumps instead, we positively are thinking that it will continue to rise until the end of this year.

Yeah, it really gives me hope and could be possible though.

[rodel caling]

Hacking incident from the most popular exchange is very shocking from the crypto ethusiasm, we don't expect binamce become victim of hackers. Users believe that the security of binance is very strong but of course if the hackes want to attract  they make possible ways how to success the plan.
The good news here is even the bad side news because of binance hack issue bitcoin until now continue to goes uptrend in the market cap.

[exchangestolemycoins]

Bitcoin rollback. Hah! What do you think this is, Ethereum?

[Yamifoud]

Bitcoin rollback. Hah! What do you think this is, Ethereum?

What you've think of?
OP is just specifying of what will happen after the hacking scenario to Binance exchanges but it doesn't give a huge strike of falls instead, it make an opposite direction into moving high. As we usually think that this will make a huge drop down of prices and sadly, it never had.

[Mr.Ease]

This whole deal makes me sick...

1. Why consider a 51% mining exploit to "FIX" a problem? That sounds retarded.

2. Why consider a 51% mining exploit to "Save" $40Mill from a $100Billion market? thats 0.004% - Dafuq?

Seems like Binance thinks they control the market. Like there shit don't stink like shit. I'd rather see Binance collapse than to see the Bitcoin realm bow down to them like they are some God.

Binance F*cked up. It's that simple. When you F*ck up - You pay the Price. That price today is $40Mill. And seeing how successful Binance is, I'm sure Nobody will be starving or Dying...

In fact - I'm sure Binance is still rolling around in stacks of Cash. Completely Pathetic they would even suggest this.

[thesmallgod]

Security bridge can not be eliminated but proper measure should be put in place so that the risk is minimal. Even though many exchange platform tap their security system idea from binance, the recent hack has shown that no exchange is totally secure. Almost every year, bad news regarding exchange hacking is being witnessed. I could remember last year binance also witness minor security threat. when an hacker deliberately inflate the price of a token listed on the exchange platform. One of the best means through which security bridge can be minimized is by carrying out security auditing regularly. I do not want to believe the hacker or hackers achieved this in one day but constant monitoring and testing of exploit on binance server.