Bitcoin developer @lukedashjr's wallet was hacked

[NeuroticFish]

This is another skeptical me argument hehehe.

"Don't trust, verify", remember? And then why trust somebody's claims, no matter who it is, if the things just don't add up?!

This might also be a way to prepare for an exit from holding bitcoin without being persecuted by the community? Claim he was hacked, mix the coins, keep the coins then sell on the next bull market when he has 10x of the present value. This is $20 million and very much enough for his retirement.

I love the mix of drama, conspiracy and price speculation
One thing that still looks odd is that all this shit show goes on only on Twitter. Nothing on Mastodon and nothing in here.
Another thing that must be cleared up is what was his actual "cold storage" setup.
And claiming that there's a CoinJoin in a tx that's actually clean...
...yeah, the things just don't add up. And I've got some logical explanations for this and that, still, far from enough.

I consider the hacking of 2 Twitter accounts easier than hacking into a cold storage.
The boating accident theory is also a not-too-bad idea.

[1714503015]

1714503015

[1714503015]

1714503015

[1714503015]

1714503015

[1714503015]

1714503015

[headingnorth]

This is really bad PR for Bitcoin.

If one of the most experienced devs can't keep his stash secure, how do we expect a random, way less tech-savvy users to do it?

So now, the average Joe will get the massage that self-custody is not safe and neither is holding on CEXs (i.e. because of FTX).

The first round of news coverage is out:
https://www.cryptotimes.io/bitcoin-developer-luke-dashjr-reportedly-lost-200-bitcoins/
https://beincrypto.com/early-bitcoin-developer-luke-dashjr-loses-3-6m-btc-due-supposed-key-hack/
https://www.indiatoday.in/amp/cryptocurrency/story/bitcoin-core-developer-claims-hacker-stole-more-than-200-btc-2316348-2023-01-02

Will see if any of the major news outlets pick up on that story. Peter Shiff will surely have a field day with this one.

We've been through worse though.


I feel really sorry for Luke, can't even imagine what it's like to lose that kind of amount in such way.

This question is disingenuous. Dashjr broke one of the basic rules of self custody. Which is to never store your private keys online.

The average non-tech savvy person can secure their bitcoin by simply following basic security rules.

Whenever you buy any modern cold storage device such as a Trezor or Ledger it always warns you during initial setup of the device to never store your private keys on any computer, never take a picture of it, never store it on a hard drive, cloud, flash drive, etc. I know this because I own both a Ledger S Nano and a Trezor One.

I can't believe such a supposedly smart person actually stored his private keys on his computer. Does not matter if it was encrypted. Any encrypted file can be broken with software you can download from the internet. You don't ever store your private keys on any electronic storage device, period.

[Ucy]

....
If one of the most experienced devs can't keep his stash secure, how do we expect a random, way less tech-savvy users to do it?

So now, the average Joe will get the massage that self-custody is not safe and neither is holding on CEXs (i.e. because of FTX).

Part of the issue is irreversible transaction.
It would be safer to build a decentralized platform on top of Bitcoin where Bitcoin transactions can be reversed if unauthorized people gain access to users coins

[NeuroticFish]

Part of the issue is irreversible transaction.
It would be safer to build a decentralized platform on top of Bitcoin where Bitcoin transactions can be reversed if unauthorized people gain access to users coins

You don't know what you're talking about. This would mean that anybody could reverse his transactions for no good reason. The merchants would have no reason at all to use Bitcoin, actually, it would be the opposite: they would avoid it.

[headingnorth]

Part of the issue is irreversible transaction.
It would be safer to build a decentralized platform on top of Bitcoin where Bitcoin transactions can be reversed if unauthorized people gain access to users coins

You don't know what you're talking about. This would mean that anybody could reverse his transactions for no good reason. The merchants would have no reason at all to use Bitcoin, actually, it would be the opposite: they would avoid it.

Well any credit card transactions can be easily reversed by the credit card company or bank, but most merchants still accept credit cards.

I have reversed a few credit card transactions myself by simply calling my bank and asking them to do it when I felt the merchant charged me  inappropriately or failed to render services. Most of the time the bank will do it. The merchant is usually given the chance to dispute the reversal.

Though I generally agree with bitcoin, transactions should probably not be possible to reverse. Or else you would need some person or persons to be the arbiter of any disputes and give them the power to reverse transactions. This would open a whole new can of worms.

If a dispute arises with a merchant that accepts bitcoin you simply can ask the merchant for a refund of your bitcoin. Failing that you can file a complaint with an authority or file a lawsuit.

[NeuroticFish]

Part of the issue is irreversible transaction.
It would be safer to build a decentralized platform on top of Bitcoin where Bitcoin transactions can be reversed if unauthorized people gain access to users coins

You don't know what you're talking about. This would mean that anybody could reverse his transactions for no good reason. The merchants would have no reason at all to use Bitcoin, actually, it would be the opposite: they would avoid it.

Well any credit card transactions can be easily reversed by the credit card company or bank, but most merchants still accept credit cards.

That's done by centralized institutions you and the merchant (have no option but to) trust. Ucy was talking about decentralized platform where transactions can be reversed.

[harlequininja]

speculated scenarios based on limited stuff said:

"email notifications from kraken/coinbase"
maybe the hacker got to the coins he had on an exchange

or

he uploads binaries for his bitcoin knots node to his server from github. hacker replaced binary with compromised one. luke downloaded binary from server without checking (who actually checks their own work if you believe you were the one that uploaded it(why check the binaries twice))
and then put his keys into the compromised binary of bitcoinknots and "byebye bitcoinio"

According to an article by ZyCrypto scenario B seems to be most likely.

Dashrj had reportedly used PGP to verify whether Bitcoin Knots or Bitcoin Core downloads were infected with malware before losing control of his keys in the process. Whereas Bitcoin Core is the most popular software used to connect to the Bitcoin network and run a node, Bitcoin Knots is a software with more advanced features than Bitcoin Core, but they are not as well-tested, making it more vulnerable to attacks.

https://zycrypto.com/crypto-community-on-high-alert-as-bitcoin-core-developer-loses-over-200-btc-in-hack/

So the blind spot probably was him working alone on this wallet/node software "BITCOIN KNOTS" . At least he was the responsible maintainer. By breaking his PGP they were able to mess with the source code probably and in the end even his 2FA which he introduced was comprised. Really tragic tale.

[fillippone]

Luke's funds are on the move again:




This is a proof that those funds weren't conjoined at all. Of course those funds will hit a conjoin sooner of later, that's inevitable.

Also this proves the "tax evasion scheme" would be playing poorly, if true.

[ringgo96]

Incidents like this always happen every year and we as bitcoin users always have to be careful in storing private keys, and applying maximum security, if we have done that then there is no way to stop hackers because they are always looking for ways to get into our bitcoin account which has a fairly large asset, the victims right now I'm concerned because no matter what way we do it's very difficult to detect hackers,hopefully this will be a valuable lesson for all of us.

[MiliMil]

Luke's funds are on the move again:




This is a proof that those funds weren't conjoined at all. Of course those funds will hit a conjoin sooner of later, that's inevitable.

Also this proves the "tax evasion scheme" would be playing poorly, if true.

I wonder if it will be possible to cash those BTC in. There is a digital footprint now and every crypto exchange will be watching for this closely.

[franky1]

im wondering if luke meant coinjoin not as a mixer but as a term meaning consolidated to new address

well the coins are moving again but the idiot is consolidating coins yet again
the ~204 lump that went out and the 9 lump that went out after.. . part of the 204lump split up and re-consolidated to the 9 lump few taints later

thus not a mixer. but a idiot just taint jumping through addresses he created himself in his own wallet (whomever he is)


1yar  204btc split split split split down to 33.7btc.(using legacy)
 and then consolidated with the 1yar 9btc  to make 43btc in a bc1q address

[fillippone]

Luke's funds are on the move again:




This is a proof that those funds weren't conjoined at all. Of course those funds will hit a conjoin sooner of later, that's inevitable.

Also this proves the "tax evasion scheme" would be playing poorly, if true.

I wonder if it will be possible to cash those BTC in. There is a digital footprint now and every crypto exchange will be watching for this closely.

If the attacker will eventually do something stupid, it will be quite easy to trace him. Don’t underestimate the human factor here. We have seen in the past some very experienced hackers, or rather social engineer, do l’incredibile stupid things with the stolen funds.

[franky1]

as said about the 204 which split down into legacy addresses before consolidating with another 9btc 1yar amount

the off shoot of the legacy splits went to p2sh wallet taint jumps
EG a 24 split that went into p2sh (prefix 3)
and a 17 split that went into p2sh (prefix 3)

then the 2 paths of p2sh split into small sw (bc1q prefix) addresses of precise amounts of 1-5btc whilst the remainders taint jumped down the p2sh paths

where the ends of the 2 paths of p2sh taint jumps resulting in two under 1btc amounts consolidated together into 1 sw address of 1btc
               1 sw
             23.352 p2sh
           /        \  1 sw
24leg              22.352 p2sh   1 sw                  sw sw sw
180leg                             \ 21 p2sh               /    /  /
         \                                      \.and so on  .\ .. \..\0.349324 p2sh \_  1 sw
        162 leg                              /and so on ../ ../../0.651364 p2sh /
           17.6532 p2sh         15.6532 p2sh       \   \  \
                   \                  /1 sw                    sw sw sw
                  16.6532 p2sh
                     1 sw

end result of the 2 paths of p2sh
https://www.blockchain.com/explorer/transactions/btc/6fc2f7370682b068c78778ce591a24c13dc797a172c69e31a1fd331e0cb80bff

basically whomever the hacker/mover is he is not even experienced with mixers because he is just taint jumping..
and is using 3 wallets/services to do so
one that prefers legacy change addresses. one that prefers p2sh change addresses and one that prefers segwit

im presuming the precise single digit btc amounts in segwit are 'chip mixer'(term not brand) chip amounts about to be mixed. but usually they get spent quite quickly in a mixer shuffle.

[BlackHatCoiner]

One conjecture I can make to justify this situation is that Luke is searching for some safe manner to evade taxation. He's been donated generously over the years, and he must have screwed it up with privacy at the most part. Pretending to be robbed and he might get away with it.

It's quite sad if that isn't true. A Bitcoin developer having his PGP key and his private keys compromised is just ironic.

[pooya87]

and is using 3 wallets/services to do so
one that prefers legacy change addresses. one that prefers p2sh change addresses and one that prefers segwit

One method that blockchain analyzers use is to create the link between input and output addresses that are of the same type and consider it less likely for different types to be linked. Using a different type of address among the outputs could be an attempt at throwing chain analyzers off.
Of course on its own and on such a high profile transaction, it is a weird thing to do...

[franky1]

and is using 3 wallets/services to do so
one that prefers legacy change addresses. one that prefers p2sh change addresses and one that prefers segwit

One method that blockchain analyzers use is to create the link between input and output addresses that are of the same type and consider it less likely for different types to be linked. Using a different type of address among the outputs could be an attempt at throwing chain analyzers off.
Of course on its own and on such a high profile transaction, it is a weird thing to do...

that use to be true. but the stupidity to consolidate different paths back together several taints across just makes the whole point of shifting fund over several disposable addresses pointless.. because when they were split in a same pattern per shift and then consolidate again it shows all the coins in between are the same person

usually you would split funds up into different addresses and types and amounts to be complete randomness..  and never let them meet up again to then make it appear they were sent to different people or services for different reasons to make it less clear when funds changed hands/ownership.. but however having a pattern and ending up together again just shows they never left that persons custody and just a wasted effort

[Ucy]

Part of the issue is irreversible transaction.
It would be safer to build a decentralized platform on top of Bitcoin where Bitcoin transactions can be reversed if unauthorized people gain access to users coins

You don't know what you're talking about. This would mean that anybody could reverse his transactions for no good reason. The merchants would have no reason at all to use Bitcoin, actually, it would be the opposite: they would avoid it.

One of the ways to do this:
A decentralized platform could offer a reversible transaction service for funds that can only be sent to a multisig address before reaching its final destination. This should enable people with huge amount of Bitcoin to only send their coins to such addresses controlled by them and co-signers. Once a multi-sig address receives such fund the owner is immediately alerted and he can then authorize the transaction and the fund automatically sent to the final recipient. If the owner reject the transaction the coins is sent back to his address

[BlackHatCoiner]

One method that blockchain analyzers use is to create the link between input and output addresses that are of the same type and consider it less likely for different types to be linked.

That's just a poor assumption. Shuffling your coins on addresses with or without different types provides the same levels of privacy. Just because one chain analysis treats different types as likely different individuals it doesn't mean another doesn't, and actually it doesn't make sense for even a chain analysis employee to justify such thing.

[franky1]

Part of the issue is irreversible transaction.
It would be safer to build a decentralized platform on top of Bitcoin where Bitcoin transactions can be reversed if unauthorized people gain access to users coins

You don't know what you're talking about. This would mean that anybody could reverse his transactions for no good reason. The merchants would have no reason at all to use Bitcoin, actually, it would be the opposite: they would avoid it.

One of the ways to do this:
A decentralized platform could offer a reversible transaction service for funds that can only be sent to a multisig address before reaching its final destination. This should enable people with huge amount of Bitcoin to only send their coins to such addresses controlled by them and co-signers. Once a multi-sig address receives such fund the owner is immediately alerted and he can then authorize the transaction and the fund automatically sent to the final recipient. If the owner reject the transaction the coins is sent back to his address

some people thought you were trying to promote a CSW protocol breaking money steal/refund option.. breaking bitcoins immutability

however the multisig option you now describe is how some have done things in the past.. its called escrow

however escrow refunds only work when you want to spend but unsure if the other party will release goods.. they only work when/because you enter a cooperative multisig. to cooperate and agree with the other party on payment/refund terms..

it doesnt work when someone is hoarding and not expecting a hacker to steal funds from hoarded funded addresses

[pooya87]

One method that blockchain analyzers use is to create the link between input and output addresses that are of the same type and consider it less likely for different types to be linked.

That's just a poor assumption. Shuffling your coins on addresses with or without different types provides the same levels of privacy. Just because one chain analysis treats different types as likely different individuals it doesn't mean another doesn't, and actually it doesn't make sense for even a chain analysis employee to justify such thing.

I imagine blockchain analysis methods are like a scoring system. There is of course a lot of things that are considered and analyzed but when the transaction checks all the boxes it has a higher chance of addresses being linked compared to a case where it doesn't (like having different address types among its outputs or round amounts, etc.). This is also why using it alone and like this makes no sense.