Bitcoins are not, in practice, fungible

[makomk]

Something interesting happened in #mtgox last night. A user got their account locked down and MagicalTux said that the reason for it was that the coins could be traced back to a theft a long time ago. He unlocked the account in question, but it means that the widely-held assumption that Bitcoins are fungible - that it doesn't matter which you get paid with - isn't true and hasn't been for some time. Some Bitcoins are tainted and will cause you problems when you try to exchange them while others aren't, and there's no easy way to tell which is which just by looking at them. (Wonder if there's a way to require payment with recently-mined bitcoins...)

I have no idea whether or how this will affect Bitcoin though.

[1714601386]

1714601386

[1714601386]

1714601386

[Revalin]

I was wondering when we'd see some of the first cases of this.

Long term I expect it'll be the same as it is with fiat: if you deposit some bills at a bank with serial numbers associated with a robbery or ransom, you'll probably get some extra attention and questions, but ultimately the value remains yours.

[Littleshop]

Something interesting happened in #mtgox last night. A user got their account locked down and MagicalTux said that the reason for it was that the coins could be traced back to a theft a long time ago. He unlocked the account in question, but it means that the widely-held assumption that Bitcoins are fungible - that it doesn't matter which you get paid with - isn't true and hasn't been for some time. Some Bitcoins are tainted and will cause you problems when you try to exchange them while others aren't, and there's no easy way to tell which is which just by looking at them. (Wonder if there's a way to require payment with recently-mined bitcoins...)

I have no idea whether or how this will affect Bitcoin though.

Well if that were true (which I personally doubt)......

That would only mean that bitcoins are not fungible at mtgox and with any merchant or exchange that wanted that behavior.  Customers could choose if they wanted to deal with exchanges like that or not.  

[BadBear]

This already happened once before, I've been searching but I can't find it, just tons of results about the original theft (it was allinvains coins). 

[ineededausername]

Why is mtgox still locking down those accounts? The bitcoins were probably sold long ago at Tradehill.

[CliffordM]

Well it won't stop the bit coin network from transacting in those coins (and ultimately laundering them) unless there's a change in the software to create some sort of address blacklist.  The worrying aspect is MtGox deciding to act as a policeman.  If they are going to do that I think they should make it quite clear.

[makomk]

Why is mtgox still locking down those accounts? The bitcoins were probably sold long ago at Tradehill.

Almost certainly - that's where the person depositing them reckoned they got them from originally. Though in theory I guess the amount of tainted bitcoins should be increasing over time until we hit the point where Mt Gox give up...

[ineededausername]

Why did tradehill decide not to cooperate with this blacklisting thing?  Was it the moral hazard?

[finway]

locked because it could be traced back to a theft ? Really ? 

[kokojie]

blacklisting is never a good idea

Why did tradehill decide not to cooperate with this blacklisting thing?  Was it the moral hazard?

[DeathAndTaxes]

Why did tradehill decide not to cooperate with this blacklisting thing?  Was it the moral hazard?

Because they shouldn't.  Mt. Gox is wrong.

There is no way to know the party in possession of the coins is the thief.

Thief steals coins.
Thief says I will give you 100K BTC for an equivalent amount of gold.
Thief has already profited, you have given up gold and are holding coins.  If those coins are worthless (or worth less in value) because of some merchants belief they have a God given right to be the Bitcoin Police then it undermines the entire system.

TL/DR version.
A bitcoin is only worth a bitcoin by consensus.  People deciding some bitcoins are worth more than other Bitcoins is not only idiotic it undermines the entire system. 

[BadBear]

Why did tradehill decide not to cooperate with this blacklisting thing?  Was it the moral hazard?

Because they shouldn't.  Mt. Gox is wrong.

There is no way to know the party in possession of the coins is the thief.

Thief steals coins.
Thief says I will give you 100K BTC for an equivalent amount of gold.
Thief has already profited, you have given up gold and are holding coins.  If those coins are worthless (or worth less in value) because of some merchants belief they have a God given right to be the Bitcoin Police then it undermines the entire system.

TL/DR version.
A bitcoin is only worth a bitcoin by consensus.  People deciding some bitcoins are worth more than other Bitcoins is not only idiotic it undermines the entire system. 

Agreed.  At least they aren't "confiscating" them or returning to the previous holder.  Slippery slope though. 

[ineededausername]

Why did tradehill decide not to cooperate with this blacklisting thing?  Was it the moral hazard?

Because they shouldn't.  Mt. Gox is wrong.

There is no way to know the party in possession of the coins is the thief.

Thief steals coins.
Thief says I will give you 100K BTC for an equivalent amount of gold.
Thief has already profited, you have given up gold and are holding coins.  If those coins are worthless (or worth less in value) because of some merchants belief they have a God given right to be the Bitcoin Police then it undermines the entire system.

TL/DR version.
A bitcoin is only worth a bitcoin by consensus.  People deciding some bitcoins are worth more than other Bitcoins is not only idiotic it undermines the entire system. 

Agreed.  At least they aren't "confiscating" them or returning to the previous holder.  Slippery slope though. 

OK makes sense.  Another reason to dislike mtgox.

[Littleshop]

Because they shouldn't.  Mt. Gox is wrong.

There is no way to know the party in possession of the coins is the thief.

And further, trying to collect data based on where they came from is flawed too.  Let say a thief wants to cover his tracks...

They place an order with an online store like mine, and send the merchandise to someone they do not like (placing the order as that person)....  Now I try to sell them, and the exchange asks me for information on where the coins came from.  I would not tell them, but if they did get that info....  It could lead to the wrong person.

[evoorhees]

This is an interesting topic...

I wonder, since bitcoins are divisible to 8 decimal places, and coins are churned and spent and divided and recombined, does this not mean that long term one would expect all accounts to have some fractions of "tainted" coins? Just like every person's normal dollar wallet probably has some bills that were involved in sketchy activity.

All coins will end up being tainted, and thus it wont' matter and it will be a meaningless observation.

[FreeMoney]

This is an interesting topic...

I wonder, since bitcoins are divisible to 8 decimal places, and coins are churned and spent and divided and recombined, does this not mean that long term one would expect all accounts to have some fractions of "tainted" coins? Just like every person's normal dollar wallet probably has some bills that were involved in sketchy activity.

All coins will end up being tainted, and thus it wont' matter and it will be a meaningless observation.

For some the taint will be more severe and more recent.

Naive merchants like MtGox will only be catching innocent users because it is trivial to shuffle coins and/or use a merchant or exchange that doesn't hassle people.

[DeathAndTaxes]

This is an interesting topic...

I wonder, since bitcoins are divisible to 8 decimal places, and coins are churned and spent and divided and recombined, does this not mean that long term one would expect all accounts to have some fractions of "tainted" coins? Just like every person's normal dollar wallet probably has some bills that were involved in sketchy activity.

All coins will end up being tainted, and thus it wont' matter and it will be a meaningless observation.

For some the taint will be more severe and more recent.

Naive merchants like MtGox will only be catching innocent users because it is trivial to shuffle coins and/or use a merchant or exchange that doesn't hassle people.

Exactly.  It is scary though that MtGox even feels they should have the power to investigate coin histories.  I mean shit in some ways that is WORSE than bank.  It also sets a bad precedent.  MtGox complains about all the regulatory hoops doing stupid shit like performing their own internal "investigations" into coin history is just going to invite such regulation.

"Look MtGox has been Bitcoin Police for years so lets make that a requirement for any exchange and at the same time create a national registry of bad coins and a investigation arm, some requirements for people to document the history of their coins, etc". 

[miscreanity]

This is an interesting topic...

Very - it's a moral issue that really has nothing to do with the underlying structure, but could still be viewed negatively from a certain perspective. Like anything else, I'd expect the time duration from an incident to gradually reduce any apprehension, just as people don't seem to be quite as sensitive anymore about the bubble and exchange security concerns.

[amencon]

Hmm nice that this was brought up.  I expect MtGox will be reading this and will choose a different course of actions next time this issue comes up.  The arguments made against locking accounts with "tainted" coins are very compelling.

[julz]

See this for some thoughts on how taint-tracking systems may actually be inevitable:
http://bitcoin.stackexchange.com/questions/2119/is-there-any-way-the-bitcoin-network-could-resist-a-viral-tainted-coin-tagging-s

[TTBit]

What is at issue here?

A) "Bad business decision by MtGox" - ok, I can agree, but haven't heard both sides of the story.

B) "MtGox can't do that." - They can do whatever they want with their business (not including defrauding people). MtGox owes the community nothing.

[allten]

I've also anticipated this happening.
If it continues, it will simply add pressure for a competing exchange that is much more anonymous and is always mixing customers Bitcoins.
You could call it the BMBTCX (black market bitcoin exchange). Making it truly anonymous and secure would be challenging.
But I'm sure you could go there and buy tainted bitcoins for a discount. In time, tainted bitcoins may become a non-issue.
It will be interesting to see how this develops.
Hope they catch anyone involved in fraud.

Sounds like a website needs to be built where stolen funds can be published and individuals and organizations can digitally vouch for bitcoins being tainted or not.
Might be cool.

[DeathAndTaxes]

What is at issue here?

A) "Bad business decision by MtGox" - ok, I can agree, but haven't heard both sides of the story.

B) "MtGox can't do that." - They can do whatever they want with their business (not including defrauding people). MtGox owes the community nothing.

Both.  MtGox is asserting itself as a Police entity.  They have no lawful Police powers.  Seizing funds that don't belong to you is also known as STEALING.

Here is an example.  I offer to sell you a GPU for 50 BTC.  You send me the 50 BTC.  Based on my secret and internal "D&T database of bad coins" (trademarked and patent pending) I determine those coins were stolen.  I keep your 50 BTC.

Would you say "Sure D&T can do that.  He can run his business however he wants".

Police work is the responsibility of the Police.  If MtGox is complying w/ a warrant or court order that is one thing.  If MtGox has suddenly appointed themselves the Bitcoin Police that is UNLAWFUL.  I expect eventually if they do this on a large enough sum someone will file suit.


If MtGox doesn't want to do business w/ self determined "bad coins" they could simply reverse the transaction and inform the depositor.

[Herodes]

As many pointed out, this is a slippery slope.

mtGox has no right to act as a police, but it would be nice to be able to help the community in cases where coins are stolen and then attempted to be sold on mtGox. But who should determine this, and how should it be done? There would need to be rules for this, and it's not an easy subject.

What if someone stole 10K BTC. Then gradually sold these off for cash in person. How on earth would anyone be able to know that these coins were stolen? I'm sure a tracking system could be created, but how could we make sure that any addresses entered into that system were legit ?

So say Joe steals 10K BTC from onlinewallet.com, he lives in London, and travels frequently in Europe. He sells bitcoins for 100 - 1000 USD to a lot of buyers, in person. Do we expect these buyers to check against some kind of black list? Should there be a blacklist in the client ? Would it not happen that some coins wrongfully became blacklisted? Seems like a bad idea to have some kind of blacklisting.

Joe sells 200 BTC to Alice in Amsterdam. Alice keeps her coins, but one day she decides to sell them for whatever reason. She could have found a local buyer, but she has an mtGox account, and deposits the coins there. Shortly thereafter her account is blocked and she recieves a message that her coins are coming from a bitcoin robbery.

Is this fair or even legal ?

* Joe steals 200 BTC from onlinewallet.com.
* Joe sells 200 BTC to Alice: Joe profit in hard cash.
* Alice try to sell coins on mtGox, but lose her coins: Alice lost a lot of money.

Who's to keep the coins then ? mtGox ? Onlinewallet.com that got robbed gets them back?

I think the only way to solve things like these is to let mtGox have absolutely zero police power.

If someone loses 10K BTC, they should contact the police immediately. But another issue is:
What's the legal standing of such a loss, is it something that would be recognized and handled
correctly by the police, and would the police have enough technical knowledte to do anything
about the case ?

There are many questions here, and a very slippery slope for mtGox. What I know is that if I bought
a lot of coins and tried to sell them on mtGox, and the coins were frozen because they were tainted,
this would not make me much happy at all...

[Revalin]

I believe it's the Bitcoin network that makes transactions legitimate.  If Alice transfers coins to Gox and it gets into the blockchain, that money was paid, and Gox has an obligation to uphold their side of the implicit contract, specifically to increase her account balance.

If we are going to start treating coins as tainted, that needs to happen with network consensus.

[bluefirecorp]

What is at issue here?

A) "Bad business decision by MtGox" - ok, I can agree, but haven't heard both sides of the story.

B) "MtGox can't do that." - They can do whatever they want with their business (not including defrauding people). MtGox owes the community nothing.

Here is an example.  I offer to sell you a GPU for 50 BTC.  You send me the 50 BTC.  Based on my secret and internal "D&T database of bad coins" (trademarked and patent pending) I determine those coins were stolen.  I keep your 50 BTC.

Would you say "Sure D&T can do that.  He can run his business however he wants".

If it's in the terms of service to you and you've agreed to those terms of service, then he can.

[TTBit]

What is at issue here?

A) "Bad business decision by MtGox" - ok, I can agree, but haven't heard both sides of the story.

B) "MtGox can't do that." - They can do whatever they want with their business (not including defrauding people). MtGox owes the community nothing.

Both.  MtGox is asserting itself as a Police entity.  They have no lawful Police powers.  Seizing funds that don't belong to you is also known as STEALING.

Here is an example.  I offer to sell you a GPU for 50 BTC.  You send me the 50 BTC.  Based on my secret and internal "D&T database of bad coins" (trademarked and patent pending) I determine those coins were stolen.  I keep your 50 BTC.

Would you say "Sure D&T can do that.  He can run his business however he wants".

Police work is the responsibility of the Police.  If MtGox is complying w/ a warrant or court order that is one thing.  If MtGox has suddenly appointed themselves the Bitcoin Police that is UNLAWFUL.  I expect eventually if they do this on a large enough sum someone will file suit.


If MtGox doesn't want to do business w/ self determined "bad coins" they could simply reverse the transaction and inform the depositor.

I agree he can refuse the transaction. I don't know the details of what happened.

Maybe this leads to a clean coin exchange. I'll pay 50.500 btc for a virgin block.

[theymos]

This already happened once before, I've been searching but I can't find it, just tons of results about the original theft (it was allinvains coins). 

I believe this is a continuation of this case:
https://bitcointalk.org/index.php?topic=3712.0

Edit: The same coins, I mean. Perhaps not the same person.

[miscreanity]

If we are going to start treating coins as tainted, that needs to happen with network consensus.

Exactly - there is no provision for locking units in the protocol. It's a third-party dependent feature currently - in the example being used for this thread, Mt. Gox is policing its own environment within the greater Bitcoin economy.

If it's a direct transfer, there should be no issue. That means anything that isn't part of Mt. Gox. For there to even be a 'taint' problem, any complication would have to occur to a user within the exchange (which could be viewed as its jurisdiction).

So trouble might arise if funds were removed from MG, subsequently viewed by MG as 'tainted' and then the current owner of the funds attempted to make use of Mt. Gox afterward using those same funds. That would still only discourage use of Gox, not eliminate potential for transfer.

This comes down to a similar set of trade-offs as citizenship: if I have an account with Mt. Gox (passport from EU), my funds can be protected to an extent, but I have to submit to whatever the rules are within the exchange (or EU). If I don't have an account at the exchange, I forfeit the level of protection offered (safety from extradition, etc) but am free to conduct transactions however I choose.

Now a question might arise involving ownership of an account with Mt. Gox that has zero balance and experiencing a loss elsewhere. Is that the exchange's concern or not? Who decides? If that situation were honored, would it lead to witch-hunt style refusal of transactions through the exchange due to circumstantial reporting?

I think that would be a very dangerous precedent and hope it never becomes part of the protocol. Responsible asset management is far better in the long-run.

[gregwtmtno]

I think it's a good idea to do this kind of tracing of stolen coins. Theoretically, if people know that if they buy stolen coins they might not be able to resell them, they might not buy them in the first place. As a result, thieves will have a tougher time unloading stolen coins.

[Littleshop]

I think it's a good idea to do this kind of tracing of stolen coins. Theoretically, if people know that if they buy stolen coins they might not be able to resell them, they might not buy them in the first place. As a result, thieves will have a tougher time unloading stolen coins.

We really have no way of knowing which coins are stolen in the first place.  Someone could buy something with coin, then say they were stolen after the goods were delivered.  It would almost always be one persons word against another.  Even in high profile cases it would be very hard to tell what is really going on. 

[DeathAndTaxes]

I think it's a good idea to do this kind of tracing of stolen coins. Theoretically, if people know that if they buy stolen coins they might not be able to resell them, they might not buy them in the first place. As a result, thieves will have a tougher time unloading stolen coins.

I have some coins to sell you.

Are they stolen or are they legit?  Please let me know how you verify.

The only person getting stuck w/ tainted coins is victims.

Worst case scenario is it simply makes Bitcoins less valuable for theives (i.e. less than face value) as they will want to unload them quickly before being considered tainted (and thus once again only screw over the person who unkowingly buys them.

Even if there was a global universal database of tainted coins (a pipe dream if I ever heard one) here is a timeline.

1) I steal 10,000 coins.
2) Knowing time is of the essence I unload them before the victim even discovers they have been stolen.   The more I discount them the quicker I can sell them. 
3) Victim reports coins as stolen.
4) Some central authority  (Mt Gox Police Dept??) verifies the claim of stolen coins and within hours? days? weeks? updated the global registry of stolen coins.

Not my problem I already have unloaded them to some suckers who see the value of their coins becomes worthless.

Now how many victims have to see their coins become worthless before people start saying "Fuck Bitcoin your coins can become worthless at any point in time"?  What do you think that will do to the overall value of Bitcoin as a mechanism for exchange?

[FreeMoney]

I think it's a good idea to do this kind of tracing of stolen coins. Theoretically, if people know that if they buy stolen coins they might not be able to resell them, they might not buy them in the first place. As a result, thieves will have a tougher time unloading stolen coins.

I have some coins to sell you.

Are they stolen or are they legit?  Please let me know how you verify.

The only person getting stuck w/ tainted coins is victims.

Worst case scenario is it simply makes Bitcoins less valuable for theives (i.e. less than face value) as they will want to unload them quickly before being considered tainted (and thus once again only screw over the person who unkowingly buys them.

Even if there was a global universal database of tainted coins (a pipe dream if I ever heard one) here is a timeline.

1) I steal 10,000 coins.
2) Knowing time is of the essence I unload them before the victim even discovers they have been stolen.   The more I discount them the quicker I can sell them. 
3) Victim reports coins as stolen.
4) Some central authority  (Mt Gox Police Dept??) verifies the claim of stolen coins and within hours? days? weeks? updated the global registry of stolen coins.

Not my problem I already have unloaded them to some suckers who see the value of their coins becomes worthless.

Now how many victims have to see their coins become worthless before people start saying "Fuck Bitcoin your coins can become worthless at any point in time"?  What do you think that will do to the overall value of Bitcoin as a mechanism for exchange?

More like how many times does MtGox have to get screwed by taking coins that don't get marked tainted until later before they go out of business.

[julz]

I think it's a good idea to do this kind of tracing of stolen coins. Theoretically, if people know that if they buy stolen coins they might not be able to resell them, they might not buy them in the first place. As a result, thieves will have a tougher time unloading stolen coins.

I have some coins to sell you.

Are they stolen or are they legit?  Please let me know how you verify.

The only person getting stuck w/ tainted coins is victims.

Worst case scenario is it simply makes Bitcoins less valuable for theives (i.e. less than face value) as they will want to unload them quickly before being considered tainted (and thus once again only screw over the person who unkowingly buys them.

Even if there was a global universal database of tainted coins (a pipe dream if I ever heard one) here is a timeline.

1) I steal 10,000 coins.
2) Knowing time is of the essence I unload them before the victim even discovers they have been stolen.   The more I discount them the quicker I can sell them. 
3) Victim reports coins as stolen.
4) Some central authority  (Mt Gox Police Dept??) verifies the claim of stolen coins and within hours? days? weeks? updated the global registry of stolen coins.

Not my problem I already have unloaded them to some suckers who see the value of their coins becomes worthless.

Now how many victims have to see their coins become worthless before people start saying "Fuck Bitcoin your coins can become worthless at any point in time"?  What do you think that will do to the overall value of Bitcoin as a mechanism for exchange?

This is a strawman of how any government tainting system would ever operate.
The coins in the innocent party's hands wouldn't automatically become worthless.

The coins would, upon entering one of the government audited merchants/exchanges be either taxed heavily, or placed in temporary escrow.
The point being - that the affected person could then provide information as to where the tainted coins came from in order to get their funds back, thus getting the regulators a step closer to the thief.

I'm not saying I would really like such a system - but I think that's a far more likely scenario as to how it would operate, and I do see something like this as an inevitability if people start using bitcoin as the preferred tool for serious crimes such as kidnapping and for 'financing of terrorism'.

[reg]

any kind of tracing- marking as tainted or Bitcoin FBI involvement is an anathema to me. All such talk debases the core principal of Bitcoin and should in my opinion be avoided. each BTC I recieve is the same as any other its value is determined by me and one other (the exchange partner ) agreed probably by current exchange rate. I do not need to know where it came from or where it is going. It is my private intelectual property to do with as I please without interference or control by any other third party.  There is no legal system attatched to this as BTC do not exist in reality. It is not money. each BTC is a string of random numbers in cyberspace. nothing more and would dissapear if cyberspace was for some reason not accessable. (ie no internet)  The solution to theft is in my opinion only feasable by ensuring widespread and easier protection and storage of wallet.dat files. If only I as origionator and operator of a wallet can have access to its contents there is no theft!. regards reg.

[BubbleBoy]

Coins are not fungible, that's a given. MtGox has full rights to chose it's customers. Don't start with that liberal bullshit about non-discrimination. Bars frequently reject customers that score positive for cocaine on their hands (they have very sensitive scanners). It's not a stretch to imagine they could reject drug-tainted money:
http://en.wikipedia.org/wiki/Contaminated_currency

So MtGox if fully within it's rights to reject or confiscate "stolen" coins, as long as it makes it perfectly clear in their TOS. Of course, it's a stupid stunt that will only harm innocent bystanders. The fact that MtGox can get away with this is a testament to the flaky nature of the bitcoin economy, which is basically composed of miners and speculators all centered around a single site, MtGox.

[FreeMoney]

They're within their rights like I have the right to sell dogshit soup. It's super bad to act like you accept bitcoin when you only accept some bitcoins. And the method for telling which ones they accept is opaque, and they aren't simply going to return them or it would be fairly pointless. It would be like a paper dollar merchant not just declining dollars they deemed suspicious, but keeping them and not delivering product.

Maybe someone from this site wants to tell us if customers have an expectation of being paid only in coins that were never involved in a crime. Likely the risk runs one way only. Lose coins if they are deemed tainted by Gox, no recourse if Gox gives you tainted coins.

Is there a procedure for reporting crimes? Are crimes of all sizes given consideration? Someone didn't send me product, this counts right? How about my cousin grabbing my instawallet funds?

Really, promise to give it up and then actually give it up.

[wareen]

http://en.wikipedia.org/wiki/Contaminated_currency

Wow, I never thought of banknotes as a health hazard - one more argument for Bitcoins

[CoinSpeculator]

What is at issue here?

A) "Bad business decision by MtGox" - ok, I can agree, but haven't heard both sides of the story.

B) "MtGox can't do that." - They can do whatever they want with their business (not including defrauding people). MtGox owes the community nothing.

Both.  MtGox is asserting itself as a Police entity.  They have no lawful Police powers.  Seizing funds that don't belong to you is also known as STEALING.

Here is an example.  I offer to sell you a GPU for 50 BTC.  You send me the 50 BTC.  Based on my secret and internal "D&T database of bad coins" (trademarked and patent pending) I determine those coins were stolen.  I keep your 50 BTC.

Would you say "Sure D&T can do that.  He can run his business however he wants".

Police work is the responsibility of the Police.  If MtGox is complying w/ a warrant or court order that is one thing.  If MtGox has suddenly appointed themselves the Bitcoin Police that is UNLAWFUL.  I expect eventually if they do this on a large enough sum someone will file suit.


If MtGox doesn't want to do business w/ self determined "bad coins" they could simply reverse the transaction and inform the depositor.

This is such a fundamentally absurd post.  Market's police themselves without the state.  If that involves shunning transactions with those known to trade in stolen goods, they absolutely have that right.  MtGox has no obligation to comply with any warrant, court order, or any authority whatsoever because all "lawful authority" is unjustly acquired.  If MtGox gets a reputation for stealing coins under dubious circumstances then people will shun them and the market will police itself by putting MtGox out of business.  MtGox absolutely has the right to police themselves and you can go somewhere else to funnel your stolen coins into dollars.

[ovidiusoft]

MtGox can do whatever they want, legal, illegal, moral, immoral, and they answer for it legally or business-wise. I wouldn't do business with someone if I believe it might get me in trouble (whatever that "trouble" might be), either. They probably considered it's more risky for their business (remember they are, but Bitcoin standards, huge) to allow the trading of those coins. What's the problem?

Whether they will lose business because of it, remains to be seen. As long as we have choices of exchangers, I don't worry. What they should do, is to write an easy to read and understand TOS so customers know what are the security procedures (maybe they do have something like this, I only checked the front page, it's not there), how they do their checks, and so on.

Let me be the devil's advocate: a risk-adverse customer (let's ignore for a moment the fact that Bitcoin is not for the risk-adverse people ) might consider a great advantage that someone is taking care they won't buy stolen coins. Who are we to decide that is not a reasonable thing to do?

[DeathAndTaxes]

What is at issue here?

A) "Bad business decision by MtGox" - ok, I can agree, but haven't heard both sides of the story.

B) "MtGox can't do that." - They can do whatever they want with their business (not including defrauding people). MtGox owes the community nothing.

Both.  MtGox is asserting itself as a Police entity.  They have no lawful Police powers.  Seizing funds that don't belong to you is also known as STEALING.

Here is an example.  I offer to sell you a GPU for 50 BTC.  You send me the 50 BTC.  Based on my secret and internal "D&T database of bad coins" (trademarked and patent pending) I determine those coins were stolen.  I keep your 50 BTC.

Would you say "Sure D&T can do that.  He can run his business however he wants".

Police work is the responsibility of the Police.  If MtGox is complying w/ a warrant or court order that is one thing.  If MtGox has suddenly appointed themselves the Bitcoin Police that is UNLAWFUL.  I expect eventually if they do this on a large enough sum someone will file suit.


If MtGox doesn't want to do business w/ self determined "bad coins" they could simply reverse the transaction and inform the depositor.

This is such a fundamentally absurd post.  Market's police themselves without the state.  If that involves shunning transactions with those known to trade in stolen goods, they absolutely have that right.  MtGox has no obligation to comply with any warrant, court order, or any authority whatsoever because all "lawful authority" is unjustly acquired.  If MtGox gets a reputation for stealing coins under dubious circumstances then people will shun them and the market will police itself by putting MtGox out of business.  MtGox absolutely has the right to police themselves and you can go somewhere else to funnel your stolen coins into dollars.

There is a difference between REJECTING a transaction and simply SEIZING the money.  

i.e.
"Sorry we can't accept this deposit of 1000 BTC because they have been flagged by our internal database.  They have been refunded to the sending address.  For more information click here"

vs

"Sorry your deposit includes funds that our secret database has determined (at our sole discretion) are tainted.  We have seized the funds until you prove to use they are legit.  If you can't prove to use they are legit we will keep them."

Seizure of assets by a private entity without backing of the courts (due process) is generally considered unlawful.  Just because Mt. Gox can get away with it doesn't make it right and certainly doesn't make it something we should advocate.

[BubbleBoy]

Seizure of assets by a private entity without backing of the courts (due process) is generally considered unlawful.

They are not seizing the money, they force you to identify yourself in order to redeem them. There is nothing illegal in doing so, in fact most jurisdictions require financial entities to know their customers. If MtGox has reasons to believe the customer might be a criminal, then asking the customer to identify himself is unquestionably legal.

This is exactly what PayPal does on a regular basis with account limitations until you submit ID info. And they do it on a massive scale, there are much more limited accounts in PayPal's system than there are regular accounts in MtGox. It should not be surprising that Bitcoin processing sites start to look more and more like PayPal, they are shaped by the same real-world laws.

[DeathAndTaxes]

Seizure of assets by a private entity without backing of the courts (due process) is generally considered unlawful.

They are not seizing the money, they force you to identify yourself in order to redeem them. There is nothing illegal in doing so, in fact most jurisdictions require financial entities to know their customers. If MtGox has reasons to believe the customer might be a criminal, then asking the customer to identify himself is unquestionably legal.

This is exactly what PayPal does on a regular basis with account limitations until you submit ID info. And they do it on a massive scale, there are much more limited accounts in PayPal's system than there are regular accounts in MtGox. It should not be surprising that Bitcoin processing sites start to look more and more like PayPal, they are shaped by the same real-world laws.

Um this isn't indentifying the person.  I have no issue w/ know your customer compliance.

This is MtGox determining coins are tainted and seizing them until/unless the depositor can prove otherwise.

[BubbleBoy]

Has this actually happened  ? (the depositor forced to prove the "coins are not tainted", whatever that means)
From what I understand up to now in all cases where funds were frozen the customers could not be contacted by email. Until shown otherwise, we must assume that MtGox will be satisfied with a photo ID of the owner and a description of how they acquired the funds. Both of which are regularly requested by my bank.

They also stated they only act upon notification from a law enforcement agency, and depending on the local law returning stolen property to the lawful owner might be mandatory. So they might have no choice over confiscating the coins, other than compensate the alleged thief out of their own pocket.

[FreeMoney]

I don't believe that law enforcement contacted them and said hey keep an eye out for bitcoin transactions that had inputs from this or that address.

[realnowhereman]

Mtgox can't do anything but "seize" them. There is no way to refuse to receive bitcoins and there is no way to be sure that the sending address is an appropriate return address, nor to identify the sender.

The only remaining options are to ignore tainted coins or to require a meatspace id in preparation for any potential legal investigation that appears in the future.

[gregwtmtno]

I think it's just like cash. If you show up at a bank with a ton of cash, you better believe they're going to ask questions. No reason Mt. Gox has to make it easier for people to move around stolen coins.

[tvbcof]

The first time I remember Mt. Gox locking users for having 'stolen' coins, it became immediately obvious that they got the coins in question from Tradehill.  I remember watching these coins move around in odd ways on Tradehill, and got some of them myself (or I should say, I bought BTC on dips caused by a large previous owner wanting badly to have cash instead of BTC.)

Whatever method Mt. Gox has for identifying stolen coins needs to be either refined or open-sourced for scrutiny by more competent persons as it is currently sub-standard and if probably only Mt. Gox with their near monopoly could get away with harassing their users on the basis of that quality of analysis.

Beyond that, I would have trouble classifying any BTC losses as 'thefts' on a philosophical basis.  In the case of various services (e.g., MyBitcoin, B7, etc) people willingly gave their BTC to someone who turned out to be not reliable.  In the case of allinvain, keeping that much value in a single wallet.dat on a Windows machine was at best unbelievably negligent, and there is always the possibility that the whole thing was staged.  There is no reason why I as a holder of BTC should be penalized or even inconvenienced by the poor judgement of others.

[Stephen Gornick]

Similar activity (Mt. Gox locking accounts and claiming bitcoins deposited were derived from stolen funds) allegedly occurring following the Linode hack (of wallets at Bitcoinica, Slush, Faucet / etc.):

Hi,

We have noticed you have deposited recently 7 BTC and have a reason to believe those coins may have come from the coins stolen from Bitcoinica (see the bitcointalk forum for more details).

MtGox Co. Ltd.

- http://bitcointalk.org/index.php?topic=67091.msg780420#msg780420

[Update: A related thread on an allegation that another exchange is the recipient of coins related to the theft:
 - http://bitcointalk.org/index.php?topic=67129.0
]

[Cosbycoin]

Well it won't stop the bit coin network from transacting in those coins (and ultimately laundering them) unless there's a change in the software to create some sort of address blacklist.  The worrying aspect is MtGox deciding to act as a policeman.  If they are going to do that I think they should make it quite clear.

Agreed. Stolen coins are stolen coins. If someone was dumb enough to get them stolen then they should be stolen.

In slush's case I can understand it wasn't his fault so then those are coins Mt. Gox should be trying to protect from being exchanged.

[reg]

to death and taxes,  I think you are right- deal with MtGox if you are prepared to accept their KYC rules and acept they are just like police in the system we are trying to get rid of.  I was just about to deposit cash to buy BTC on MtGox- but I dont think I will now! I will go somewhere else and there are other options bye-bye MtGox.  reg

[Andrew Vorobyov]

to death and taxes,  I think you are right- deal with MtGox if you are prepared to accept their KYC rules and acept they are just like police in the system we are trying to get rid of.  I was just about to deposit cash to buy BTC on MtGox- but I dont think I will now! I will go somewhere else and there are other options bye-bye MtGox.  reg

They free to inform about these coins.. but they can NOT reject them or expropriate it.

[Hawker]

This already happened once before, I've been searching but I can't find it, just tons of results about the original theft (it was allinvains coins). 

Did allinvain get his coins back ?  When did that happen ?

[BadBear]

This already happened once before, I've been searching but I can't find it, just tons of results about the original theft (it was allinvains coins). 

Did allinvain get his coins back ?  When did that happen ?

I don't think so, but I just meant that Mt Gox already locked accounts before for dirty bitcoins.

[k9quaint]

Stolen bitcoins should always be farmed OTC.
Exchanges exist to reduce counterparty risk, one of which is stolen goods which expose the buyer to legal consequences.
Don't like exchanges needing to know you? Don't use them.

[the joint]

I have never used Mt. Gox to this point except for a brief test where I had about 25 cents in there.  They ended up terminating my account and stealing the 25 cents -- at least that's what I assume as I can no longer log into my original account with a password that was over 20 random characters and symbols.  My linked email account has a similarly-complex password.

And, I plan to never, EVER use Mt. Gox after reading the dozens and dozens of horror stories on this forum.

My guess is that MtGox is simply comprised of a few greedy fucks who will not hire any more customer service reps because they want to keep their individual profits to a maximum.

DeathandTaxes hit the nail on the head.  Locking accounts and seizing funds is stealing, even if only temporarily.  In the event that Gox were to conclude that the deposited funds are stolen and thus permanently seize the funds, this is still stealing.

[marcus_of_augustus]

So if a bunch of the stolen coins go through the bitcoin fog

http://www.bitcoinfog.com/

and are mixed and bundled with 'worthy' coins and then deposited in the goxhole ... which ones do the goxes poach then?

Gox in charge of the hen house?

[k9quaint]

Stolen bitcoins should always be farmed OTC.
Exchanges exist to reduce counterparty risk, one of which is stolen goods which expose the buyer to legal consequences.
Don't like exchanges needing to know you? Don't use exchanges.

FTFY

Nice try. But you can do over the counter transactions with Bitcoin and you won't have to worry about an exchange seizing your bitcoins.
This is not a problem inherent to Bitcoin as you suggest. It is a "problem" with exchanges acting as middlemen.
Except that is the entire reason for exchanges to exist, to act as middlemen and make sure neither party gets left holding the bag.

[matonis]

The worrying aspect is MtGox deciding to act as a policeman.  If they are going to do that I think they should make it quite clear.

+1  Don't punish the innocent for the sins of the guilty; anyone can get 'bad' $20 bills in their change or even from an ATM.

[stochastic]

The question is, what happens when those stolen bitcoins are exchanged long enough that an unsuspecting person ends up with them and then deposits them into their Bitcoinica account.  Will they be confiscated?  I don't think Bitconica would do that but the thought is creepy.

[disclaimer201]

IS MtGox going to decide just how tainted coins must be in order for them to be seized? 90%? 50? 20? 10? 1%?

This is messed up. As I've mentioned in another thread about this topic, I believe we need a network/community consensus or this may become a case that will either confuse many people and keep them from further- or ever start using BTC (forget a widespread BTC usage in the future if things get so complicated that I have to know how to verify coins let alone do it with every transaction) or it may split up the users in favor and against such tracking measures. The latter would be bad, too b/c there is already some fuzz going on what should be implemented officially and what not.

Some people claim tracking and tainting is going to be inevitable even b/c of the way bitcoin is created - we should make clear to everyone that we don't want tainted Bitcoins to be seized and returned to their original owners, who were sloppy with their security precisely b/c it will undermine the system. So, this is not a question of technical doability but one of politics. In any way, the recent theft has made quite an impact already, enough to get me thinking whether it could be a coordinated attack from someone having had enough time to find bitcoins weakness and/or the "community's" weakness (namely separation and disillusionment). Let's hope the thieves were really just greedy bastards.

[marcus_of_augustus]

... or we could just accept that due the fundamental of the design, bitcoins are just not that fungible.

Of course, a more fungible cryptocurrency than bitcoin would also be more anonymous and private (by corollary?).

The poor fungibility is related to what makes bitcoin only pseudo-anonymous with further layers being required to achieve strong anonymity with the bitcoin scheme .... however it is difficult to imagine a pattern of bits that is indistinguishable from another pattern of bits and yet can be issued in only limited amounts ....  double-spend and fungibility are not easy to satisfy simultaneously it seems ... makes gold look like good money ... we need some way to be able to "melt-down" tainted bitcoins so they can be like fresh minted again ...

[marcus_of_augustus]

we need some way to be able to "melt-down" tainted bitcoins so they can be like fresh minted again ...

Transaction fees. 

Care to elaborate on that ... ?

[Polvos]

we need some way to be able to "melt-down" tainted bitcoins so they can be like fresh minted again ...

Transaction fees. 

Care to elaborate on that ... ?

Yes please, explain how.

[realnowhereman]

I can't quite remember; but I believe this to be correct.

Transaction fees are paid by making the inputs of a transaction be larger than the outputs.  The miner is then entitled to add that difference to their coin base transaction.  Note: the coin base.

The coin base is not directly connected to the input transactions in the block.  It is the creation of new coins.

You can therefore convert old coins to "new" coins by paying the whole value of a transaction as the fee.  Of course you've given their value to the miner, so there is no real reason to do it.

[Soros Shorts]

You can therefore convert old coins to "new" coins by paying the whole value of a transaction as the fee.  Of course you've given their value to the miner, so there is no real reason to do it.

Is there any reasonably way in which someone can make these transactions get picked up by their own miners when they solve a block?

[Polvos]

¿Can a large mining pool owner act as a Bitcoin launderer not broadcasting a fake all-fee-transaction and including it in a valid block mined by the pool?

[muyuu]

This is a problem that, within Bitcoin, can only be solved collaboratively. Either exchanges should be pressed to explicitly accept all BTC from all origins and make this contractual, or we should run a big P2P coin mixing system including a big enough % of users that exchanges would have to submit to it.

[Lupus_Yonderboy]

You can still track where those fees came from. It is a bit harder, but not impossible. Besides, if you start doing really large transaction fees with the intent of attempting to launder coins, people can simply consider those coinbases to be tainted as well.

There will be a time in the not so distant future where somebody will add the functionality to a client which allows the user to specify a tainted transaction, block, or address with which they do not want to receive coins from. The client will then allow the user to segregate those coins from the rest of their clean coins to do dispose of how they see fit. It is already a part of the protocol to be able to specify exactly which bitcoins go into a transaction, allowing the user an interface to do so directly simply gives them more fine grained control over their money.

It is my right to do business or not do business with a person or business based upon my personal criteria. If that criteria includes not receiving stolen goods/property, and I can reasonably determine that to my satisfaction by examining the blockchain, then I don't see a problem.

[Polvos]

But more complexity layers in the Bitcoin client may scare new adopters

[muyuu]

A big mining pool could take tainted coins and pass them to all miners with a premium, and give the newly-mined coins to a third party.

[Lupus_Yonderboy]

And honest miners who want their coins kept clean willl simply not mine there anymore. Businesses that purposefully deal in stolen property should not be surprised when they have customers that no longer want to do business with them.

[disclaimer201]

But more complexity layers in the Bitcoin client may scare new adopters will scare potential users and existing users.

[amencon]

And honest miners who want their coins kept clean willl simply not mine there anymore. Businesses that purposefully deal in stolen property should not be surprised when they have customers that no longer want to do business with them.

Most likely almost any business that deals in cash has at one point or another accepted payment of cash that was stolen at some point in time.  I've never heard of anyone ever griping about a business due to these practices. 

The truth is there is a good chance that tons of coins that have been stolen and never reported.  You'll never know if the coins you are receiving were once stolen or not.

As time goes on it'll be increasingly likely that most coins you encounter will at least in part have been stolen at some point, who cares?

[muyuu]

And honest miners who want their coins kept clean willl simply not mine there anymore. Businesses that purposefully deal in stolen property should not be surprised when they have customers that no longer want to do business with them.

LOL. Miners will go wherever they perceive they can make the slightest bit more, all the remaining considerations be damned.

Actually, caring about the future of bitcoin I would immediately support such a mining pool even at a cost.

Honest miners   is there such a thing as a dishonest miner?

[Lupus_Yonderboy]

Honest miners   is there such a thing as a dishonest miner?

Ones that willingly support attempts at laundering stolen money

[muyuu]

Honest miners   is there such a thing as a dishonest miner?

Ones that willingly support attempts at laundering stolen money

How about when the choice is that or the doom of bitcoin? because that's exactly the case.

[hashman]

Honest miners   is there such a thing as a dishonest miner?

Ones that willingly support attempts at laundering stolen money

You might as well say the miner willingly supports the (insert your favorite crime here) because the transaction included in the block was payment for (insert stuff you don't like here). 

Getting miners to look for money laundering attempts is like getting auto manufacturers to avoid making getaway cars. 

[DeathAndTaxes]

I can't quite remember; but I believe this to be correct.

Transaction fees are paid by making the inputs of a transaction be larger than the outputs.  The miner is then entitled to add that difference to their coin base transaction.  Note: the coin base.

The coin base is not directly connected to the input transactions in the block.  It is the creation of new coins.

You can therefore convert old coins to "new" coins by paying the whole value of a transaction as the fee.  Of course you've given their value to the miner, so there is no real reason to do it.

Unless you ARE the miner.

1) Create a transaction involving tainted coins w/ a hefty transaction fee.
2) Don't submit it to the network
3) Include it in the next block you are mining.
4) Tada all transaction fees are now "taint-free".

Rinse and repeat until all principal is in the form of transaction fees.

[DeathAndTaxes]

And honest miners who want their coins kept clean willl simply not mine there anymore. Businesses that purposefully deal in stolen property should not be surprised when they have customers that no longer want to do business with them.

1) Miners have no clue what their hashes are being used for
2) No reason you can't pay miner in "clean coins".

Offer a 105% PPS pool.
Include a transaction the pool OP wants cleaned w/ hefty fee in the transactions (fee will go right back to the pool op).
The "tainted coins" are slowly laundered into transaction fees.
Since pool owns the input address, output address, and coinbase address the funds go right back to the pool OP.
Pay miners in clean coins from totally unrelated addresses.

Got an answer for that?  Starting to see the futility of these stupid and increasingly complex schemes to track coins.

For all you know 105% PPS pools might be doing this right now. 

Note: Miners in pools aren't paid the transaction fee.*  The pool's wallet it.  Miners are paid by pool operator.  That is a subtle but real difference.  * The exceptions being p2pool and Eligus where miners are included in the coinbase directly.

[marcus_of_augustus]

Bitcoins are amoral, like all technologies, and monetary instruments.

They do not know that they are stolen or not stolen .... it is a human problem not a technology problem.

[Lupus_Yonderboy]

Because following tainted coins thru the block chain to the same pool to get laundered is oh so hard. You get away with it for a brief amount of time and then it gets noticed, especially with them there hefty fees. I remember a lot of concern in the gpumax thread when people were concerned pirate was using it for nefarious ends, however he apparently cleared all that up satisfactorily. Miners tend to be decent folk, in general, and while you will always have mercenaries that only want to get paid, let a pool start intentionally laundering stolen coins and don't be surprised if a lot of people suddenly shun it.

At the end of the day, it does not matter what you or I think should or should not be accepted by individuals. It is up to them. Every person that uses Bitcoin should have the freedom to choose whether or not they want to deal with stolen property. They should also have the freedom to choose what value they would place on coins that have a questionable history. Or any other coins for that matter. It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice.

[disclaimer201]

Because following tainted coins thru the block chain to the same pool to get laundered is oh so hard. You get away with it for a brief amount of time and then it gets noticed, especially with them there hefty fees. I remember a lot of concern in the gpumax thread when people were concerned pirate was using it for nefarious ends, however he apparently cleared all that up satisfactorily. Miners tend to be decent folk, in general, and while you will always have mercenaries that only want to get paid, let a pool start intentionally laundering stolen coins and don't be surprised if a lot of people suddenly shun it.

At the end of the day, it does not matter what you or I think should or should not be accepted by individuals. It is up to them. Every person that uses Bitcoin should have the freedom to choose whether or not they want to deal with stolen property. They should also have the freedom to choose what value they would place on coins that have a questionable history. Or any other coins for that matter. It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice.

"It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice." Very true. It may become your problem when a major exchange doesn't accept your coins though. This is my only concern. Maybe ~40000 coins are not such a big number and it will all be dilluted and go away soon to be forgotten. Once I see more threads in the forum about "MtGox froze my account and took my coins" I'd get worried though. Not for my personal risk of ever being in that position but the long-term implications for Bitcoin's reputation. I believe for it to become more than a toy for nerds, it will have to grow slowly in popularity. I doubt it will if things get too complicated or there is even a risk to lose money for obtaining tainted coins.

[matonis]

Coins don't have a questionable history, people do. A coin, is a coin, is a coin.

Have you ever held a gold coin in your hand and wondered who's hand has held the same gold in the past? Were you concerned whether or not it was Hitler, Joan of Arc, or Alexander the Great?

+1

[muyuu]

Have you ever held a gold coin in your hand and wondered who's hand has held the same gold in the past? Were you concerned whether or not it was Hitler, Joan of Arc, or Alexander the Great?

Wish I had such an old gold coin  must surely be worth more than the gold alone.

[Lupus_Yonderboy]

Because following tainted coins thru the block chain to the same pool to get laundered is oh so hard. You get away with it for a brief amount of time and then it gets noticed, especially with them there hefty fees. I remember a lot of concern in the gpumax thread when people were concerned pirate was using it for nefarious ends, however he apparently cleared all that up satisfactorily. Miners tend to be decent folk, in general, and while you will always have mercenaries that only want to get paid, let a pool start intentionally laundering stolen coins and don't be surprised if a lot of people suddenly shun it.

At the end of the day, it does not matter what you or I think should or should not be accepted by individuals. It is up to them. Every person that uses Bitcoin should have the freedom to choose whether or not they want to deal with stolen property. They should also have the freedom to choose what value they would place on coins that have a questionable history. Or any other coins for that matter. It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice.

Hidden in plain sight today does not equate hidden in plain sight tomorrow. Things change. Meaningless transaction fees now aren't so meaningless in the future.

I agree. Bitcoiners should have the freedom to choose, and they do.

Coins don't have a questionable history, people do. A coin, is a coin, is a coin.

Have you ever held a gold coin in your hand and wondered who's hand has held the same gold in the past? Were you concerned whether or not it was Hitler, Joan of Arc, or Alexander the Great?

Humans have a love affair with the criminal element throughout history. I imagine a coin directly linked to an early Bitcoin theft may pay for a college education in the future, if you can prove it.

Unlike any other currency in all of human experience, a bitcoin's entire history from the time it was minted (mined) all the way until it reaches my hand, is available. Dealing in stolen property rewards the thieves who stole it, and not only hurts the person it was stolen from, but the community as a whole. Unlike others, I actually have a conscience and choose not to help promote a culture where we encourage theft of others' property.

As a community, we actually have the ability to de-incentivize theft. For the first time in history we can actually identify every piece of currency in a theft and render them valueless. Granted people will still steal for the lulz, but most steal for profit. But as a community we will not, because of greed. The hope that some of those ill gotten gains will flow through our hands, that the thieves involved in those heists will grace our businesses or buy our goods, when in reality they usually just try to cash out.

And you wonder why many in the wider world view this place as a wretched hive of scum and villany. Bitcoin: the currency of choice for thieves, drug dealers, and gun runners. Bitcoin: a ponzi scheme, a scam. All these things are said about us on the wider 'net. These perceptions are what inhibits widespread adoption. Eventually, without new blood, the Bitcoin ecosystem will grow stagnant. It is apparent that many do not care. That is their decision, of course. My personal decision is not to promote theft and corruption.

[Polvos]

You are exactly talking like the authoritarian politicians who are in charge in my country. They use all kind of excuses trying to approve remakably unconstitutional laws. Terrorism, black market, sexual aggressions. All are excuses in order to make laws to gain control over the citizens.

Of course you are free to accept one coin or another as you are free too to chose who you are selling things to. But bear in mind that I am free to fight to whoever claim that fungibility of money is over. And I will with all the forms this awesome money offers me.

Sorry if I'm not clear because english is not my native language.

[muyuu]

Unlike any other currency in all of human experience, a bitcoin's entire history from the time it was minted (mined) all the way until it reaches my hand, is available. Dealing in stolen property rewards the thieves who stole it, and not only hurts the person it was stolen from, but the community as a whole.

This is because bitcoin is not really a currency like any other. It's a cryptocurrency. All efforts to make it less like a normal currency will make the system harder to understand to new adopters, who would then be wise not to enter something they don't understand.

Unlike others, I actually have a conscience and choose not to help promote a culture where we encourage theft of others' property.

You do come across like a self-righteous twat.
Haven't seen anyone encouraging theft or a culture of theft.

What we don't want is an arms race between people who want their BTC anonymous and those who want to be able to pinpoint the origin of all transactions down to every person. We also don't want to have to deal with a purity measure in BTC and I don't want the risk of having BTC confiscated because of actually buying and selling in BTC.

As a community, we actually have the ability to de-incentivize theft. For the first time in history we can actually identify every piece of currency in a theft and render them valueless. Granted people will still steal for the lulz, but most steal for profit. But as a community we will not, because of greed. The hope that some of those ill gotten gains will flow through our hands, that the thieves involved in those heists will grace our businesses or buy our goods, when in reality they usually just try to cash out.

You don't seem to understand that this comes at the total expense of centralisation and debunking yet another one of bitcoin's main tenets: anonymous money and transactions.

The obvious alternative looks a lot better to me: don't get your BTC stolen. This was perfectly feasible in the Linode case, you just keep your private keys private. I can have sympathy for Slush since he had tight margins and no capability to run operations in a different way. So let's say he had a significant pressure to run things the way he did. But Zhoutong? he was just reckless. Hope they both learnt their lesson and we can move on.

And you wonder why many in the wider world view this place as a wretched hive of scum and villany. Bitcoin: the currency of choice for thieves, drug dealers, and gun runners. Bitcoin: a ponzi scheme, a scam. All these things are said about us on the wider 'net. These perceptions are what inhibits widespread adoption. Eventually, without new blood, the Bitcoin ecosystem will grow stagnant. It is apparent that many do not care. That is their decision, of course. My personal decision is not to promote theft and corruption.

This is all about "feelings" and nothing about logic.

Again, nobody is promoting theft and "corruption" (whatever you mean with that).

If something is going to thwart growth, that is destroying anonymity of transactions and fungibility. Bitcoin has the word "coin" in it because it strives to be anonymous. You may want to rename it to bitcredit if you intend to stamp people's real names in transactions or have them give their ID on request, as if it was a credit card.

[amencon]

The blockchain doesn't tell you much of anything as far as the "moral" history of a bitcoin.  I'll give you the benefit of the doubt and just assume you really haven't thought your position through very well.

Not every theft will be reported, and if "stolen" coins are treated differently, then many coins not stolen will be branded as such (remember allinvain? Did anyone ever even prove they were stolen for sure?  That was one widely publicized theft of the hundreds of thousands that have no doubt occurred).  

Who is the governing authority that makes the declaration of which coins are "dirty" or not?  What about all the other "immoral" transactions in a bitcoins history?  Who will be recording all that down so that you can devalue those coins too?  The whole thing is an exercise in futility.  At best it will be meaningless with the exception of giving you an excuse to feel morally superior.  A coin is a coin, sorry.

[disclaimer201]

I'm sure everyone here is in favor of trying to find out who stole bitcoins and trying to hinder thieves from stealing again. The question is how to best do that without screwing up the system?

Tracking and tainting are two entirely different things. There will always be people who are careless with their security because they chose comfort and handability over security. They need to protect themselves better from thieves, which will get a whole lot easier when we have multi-signatures very soon.

Blacklisting coins and addresses is a futile task and will use up the already scarce resources (time, programming effort, knowledge, money) that is needed to make bitcoin more user-friendly and understandable to outsiders in order to reach widespread adoption. For a currency that is already highly volatile like BTC, without such acceptance, itself including the reliability that one bitcoin is worth one bitcoin everywhere, BTC will always remain a marginalised hacker currency.

Personally, I don't want bitcoin to be a toy for a few nerds. If I see that the community splits up and people will invent a complicated system of tracking, tainting and laundering you can go and play around with that shit yourselves.

I'm afraid if I was the Federal Reserve Bank, I would have wished for exactly (!) such an event as this theft to cause confusion, insecurity and a split-up of the community into two divisions. With a little 'luck', bitcoin will be destroyed in the process or massively hindered to grow to become a mainstream currency.

When I read about some of the self-proclaimed knights for justice on this forum I can only say please have a little more foresight and think through the midterm- and longterm consequences. We should use the time to work on some more useful applications for BTC instead.

[Lupus_Yonderboy]

Unlike any other currency in all of human experience, a bitcoin's entire history from the time it was minted (mined) all the way until it reaches my hand, is available. Dealing in stolen property rewards the thieves who stole it, and not only hurts the person it was stolen from, but the community as a whole.

This is because bitcoin is not really a currency like any other. It's a cryptocurrency. All efforts to make it less like a normal currency will make the system harder to understand to new adopters, who would then be wise not to enter something they don't understand.

Really? *That* is your argument? You don’t want it to be too hard for new adopters? What about the “better security” that people have to have on their systems in order to (supposedly) prevent theft? Is that easy for new adopters?  You know what they do understand? They understand all the high profile thefts and scams that continually plague us. They understand that every time a bunch of bitcoins get stolen that the mantra is always “should’ve had better security.” They understand that not one single solitary person has ever been brought to justice for stealing or scamming bitcoins. Those are usually amongst the first things they learn about Bitcoin from the wider ‘net, long before they get to learning how to actually using it.

Haven't seen anyone encouraging theft or a culture of theft.

The absolute willingness to traffic in stolen property as well as the full throated defense against any possible action that might harm thieves or return the ill-gotten gains to their original owner is tacit approval of their actions. The continual blaming the victim mentality for all crimes also indicates approval of the criminals’ actions.

What we don't want is an arms race between people who want their BTC anonymous and those who want to be able to pinpoint the origin of all transactions down to every person. We also don't want to have to deal with a purity measure in BTC and I don't want the risk of having BTC confiscated because of actually buying and selling in BTC.

People who have adequately protected their anonymity should not be affected by enhanced scrutiny of the block chain. If they were not sufficiently protected then they should have had “better security”.
Whether or not you want to deal with purity, others will. If you choose not to perform due diligence, then you can deal with the consequences. Almost every single gas station in the US checks their bills with a counterfeit pen. Those that do not are soon out of business.

As a community, we actually have the ability to de-incentivize theft. For the first time in history we can actually identify every piece of currency in a theft and render them valueless. Granted people will still steal for the lulz, but most steal for profit. But as a community we will not, because of greed. The hope that some of those ill gotten gains will flow through our hands, that the thieves involved in those heists will grace our businesses or buy our goods, when in reality they usually just try to cash out.

You don't seem to understand that this comes at the total expense of centralisation and debunking yet another one of bitcoin's main tenets: anonymous money and transactions.

There is no centralization. Users should be free to determine if they want to deal in stolen property (and to what degree.) Transaction details of all the major thefts are widely publicized and available. There should be no central anything. The user should be the one to choose which addresses or transactions they find suspicious.
Also, Bitcoin by default is not anonymous. You have to work very hard to make it so. So hard, in fact, that you

make the system harder to understand to new adopters, who would then be wise not to enter something they don't understand.

We wouldn’t want to make it harder for new adopters now would we? That would scare them off. Or something.

The obvious alternative looks a lot better to me: don't get your BTC stolen. This was perfectly feasible in the Linode case, you just keep your private keys private. I can have sympathy for Slush since he had tight margins and no capability to run operations in a different way. So let's say he had a significant pressure to run things the way he did. But Zhoutong? he was just reckless. Hope they both learnt their lesson and we can move on.

Yes because they chose to get their btc stolen. Oh wait, they “should have had better security”. It’s like a Pavlovian response around here when dealing with thefts. “I feel bad and all for the victim, but really, if they just had better security, none of this would have happened.” Horseshit. There isn’t enough security out there to protect a hot wallet from a truly determined group of hackers. Not at any amount of money that normal people/businesses can afford, and probably not enough protection for those that can afford it at anything less than bank grade security (if then). So the ‘better security’ idea that continually gets pushed around here is nothing more than a canard.

And you wonder why many in the wider world view this place as a wretched hive of scum and villany. Bitcoin: the currency of choice for thieves, drug dealers, and gun runners. Bitcoin: a ponzi scheme, a scam. All these things are said about us on the wider 'net. These perceptions are what inhibits widespread adoption. Eventually, without new blood, the Bitcoin ecosystem will grow stagnant. It is apparent that many do not care. That is their decision, of course. My personal decision is not to promote theft and corruption.

This is all about "feelings" and nothing about logic.

Again, nobody is promoting theft and "corruption" (whatever you mean with that).

If something is going to thwart growth, that is destroying anonymity of transactions and fungibility. Bitcoin has the word "coin" in it because it strives to be anonymous. You may want to rename it to bitcredit if you intend to stamp people's real names in transactions or have them give their ID on request, as if it was a credit card.

As has been discussed many times, Bitcoin is not inherently anonymous. You do people a disservice by making them think so. Tracking tainted coins does not attach real names to transactions. If it did catching thieves would be easy. So please stop being disingenuous.

[disclaimer201]

Leaving 43000 bitcoins in unencrypted wallets at an inexpensive hoster is in fact very careless. So, yes - people who hold other people's coins need more security if they want to be responsible for third parties values. With normal safety measures I think most people will be secure enough to hold their own BTC. Encrypt your wallet, have a firewall and virus scanner, spyware detector, keep some backup on a usb stick - such stuff is fairly easy for most users in order to protect their own money. Multi-signatures will probably also help a great deal soon.

If you are holding other people's coins in the thousands and are unable to encrypt your wallet, whole different story.

We don't have to dumb everything down to make BTC more mainstream but coin origin shouldn't be something to deal with at all times. I can't remember when I last checked my banknotes for authenticity. In fact, I hardly ever use cash anymore. If individuals are willing to check their transactions for purity in order to decline stolen coins, it's a good thing. If they are not, they are not. And who's to blame if they don't know how to even do that. I'm sure a lot of people who also have no clue how to track satoshies will take their coins. If word spreads that there is even a chance MtGox takes your coins as you have no idea how to even look for taint, I'm certain the market will take care of the problem.

Actually, I think the whole thing will be forgotten soon since I doubt MtGox will scare away their customers for X% tainted coins. 40k coins aren't much compared to the millions anyway.

[Lupus_Yonderboy]

You are wrong. I abhor theft. Yet, I oppose a blacklist. I honestly feel that any blacklist will only serve to hurt regular users, and create a situation where malicious individuals can take advantage of the blacklist to cause more damage.

In other words, I think the negative unintended consequences of a blacklist outweigh the potential positive consequences.

By the way, I didn't arrive at this conclusion lightly. I spent a lot of time considering it after the allinvain theft. In fact, I can link you to some posts where I defended a the idea of a blacklist rather fervently.

https://bitcointalk.org/index.php?topic=16457.msg238345#msg238345
https://bitcointalk.org/index.php?topic=16457.msg238369#msg238369
https://bitcointalk.org/index.php?topic=16457.msg238376#msg238376
https://bitcointalk.org/index.php?topic=16457.msg239655#msg239655

And several more posts in that thread and others.

But then I thought about it, and realized how this blacklisting could be abused to cause more harm than good. If I could snap my fingers and return all the stolen coins to their rightful owners, I would gladly do it, but I am against a blacklist.

Perhaps services will spring up that maintain lists. The more accurate ones will largely agree with each other, inaccurate ones or ones not kept up to date will fall by the wayside. Feedback loops can be introduced for those who feel their coins are wrongly listed. In all cases the lists should be advisory with specific reasons posted for each entry, with the end user deciding whether or not they want to use the data. I have no intention of runnning such a service, but I am positive someone can make a working business model. After that, let the market decide. Will people try to spam/abuse such services? Absolutely. That's why the good ones that can effectively filter and correctly identify suspect transactions will succeed, and the other ones will fail.

I also don't understand how calling for more secure practices from users equates to approval of theft or blaming the victim...

Because the standard line is "Should've had more security" and then everybody goes on like nothing happened. Ho-hum, another large theft, wasn't my coins, you just should've had better security bro. It's your fault the coins were stolen, b/c you didn't have better security. Sorry about your loss. And now I will completely ignore where those coins went and look the other way as the thief sends me those stolen coins for whatever good/service I am selling.

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

Just answer what would be done in one example.

Someone steals coins robs a bank and then uses them the cash for a local anonymous purchase. This is many users primary motive for using Bitcoin cash, privacy from anyone who might be interested in how you spend your money. They time the purchase so it occurs immediately after the theft. Let's say the transaction was for several ounces of gold. So, the theft is finally reported, and now the coins serial numbers on the bills are blacklisted. But they are no longer in the possession of the thief, he has traded them to an innocent individual for several ounces of gold. Yet, this innocent individual has no way to prove that he isn't the thief, he used Bitcoin cash specifically to keep the transaction private and required no information from the individual purchasing the gold (the thief). In this situation, a blacklist hurts an innocent man as his gold is gone and his coins are cash is now worthless. So, due to a blacklist, the thief has injured two individuals instead of one. The innocent individual could return the coins cash to the original victim of the theft, but how do we prove that the victim didn't arrange the "theft" to purchase some gold and get his coins cash returned after the fact? In either case, someone is getting hurt.

You can have the same potential abuse with cash, and banks will absolutely blacklist serial #'s they know were stolen. The quick answer is only do business with trusted parties. We can sit here and make conjectures about "If x, y, and z conditions are all fulfilled, then some innocent person will get hurt." People are going to get hurt regardless of what you do or do not do. Blacklists help make sure less people overall get hurt. Removing profit incentive from thefts will greatly lower the rate of thefts. Of course thieves will attempt to find a way to make their thefts profitable even quicker, but it will help deter most large thefts (unless those are just being done maliciously).

Some of the properties of Bitcoin are useful for some individuals, these properties come with the responsibility to protect yourself from theft. What's so hard about accepting that and understanding that maybe it's not for everyone. I personally don't expect Bitcoin to become the reserve currency of the world or anything like that. But it has some very specific advantages over other currencies, and people who appreciate those advantages don't want to give them up in exchange for some pretend theft protection. I say pretend, because I don't think a blacklist will protect people from theft, and certain users won't care if they receive blacklisted coins or not, i.e. criminals.

It is this attitude that will relegate Bitcoin to being nothing more than a marginalized hacker currency. Only those who can deploy large byzantine security solutions should be able to have bitcoins without fear of them being stolen.  Any security a user can implement can be overcome by a determined enough person or group. And most security isn't going to help if someone knowledgeable has physical access to your server (*cough* datacenter employees *cough*) --but TPM looks interesting. Of course this does not mean that security should be forsaken entirely, but neither is it the end-all be-all everyone tries to make it. Good security + blacklists can do a lot to cut down on theft.

Also, precisely what advantages of Bitcoin are being given up here? Being easily stolen and fenced? I don't expect Bitcoin to ever be the world's reserve currency either, or even 1% of US GDP, but the perception out there is that Bitcoin is the currency of choice for thieves, drug dealers, gun runners, and all other sorts of ne'er do wells. I am quite frankly surprised they haven't thrown child pr0n at us yet. Every large scale theft that hits the news reinforces that opinion of us. Which sucks b/c this technology has the chance to be so much more.

[kjj]

Perhaps services will spring up that maintain lists. The more accurate ones will largely agree with each other, inaccurate ones or ones not kept up to date will fall by the wayside. Feedback loops can be introduced for those who feel their coins are wrongly listed. In all cases the lists should be advisory with specific reasons posted for each entry, with the end user deciding whether or not they want to use the data. I have no intention of runnning such a service, but I am positive someone can make a working business model. After that, let the market decide. Will people try to spam/abuse such services? Absolutely. That's why the good ones that can effectively filter and correctly identify suspect transactions will succeed, and the other ones will fail.

Yes.  Because that is exactly how it worked when the spam fighters had the exact same idea.   

[reg]

to holiday and kjj, generally I think holiday is thinking along the correct path for the future of BTC and kjj has single-handedly converted me to multisig. But consider this, the largest hacks have occurred via online services and exchanges. These have shown fundamental flaws in security and their resolution has strengthened BTC. However no-one has any real idea who perpetrated these acts and there effect was to undermine confidence in BTC. If they are thieves there is nothing practical we can do if we want to maintain anonymity (I think that is essential to safeguard the individuals freedom in finance). If they are agents of an existing authoritarian agency they will be UPSET that the attack did not greatly undermine BTC prices. Adopting similar systems of control and monitoring that exist in fiat currencies plays into their hands and should be avoided.  BTC will be fine if users adopt appropriate strategies 1) do your best to secure and diversify your own BTC's. 2) avoid exchanges that control you or your funds. 3)sleep with both eyes open.  reg.

[DeathAndTaxes]

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

Why would your conscience be affected by what currency was used for in the past?  Its asinine but it explains a lot.

You do understand that if you go to a bank and get one a hundred different bills the odds are some of those in the past were used for just to pay for just about every evil in the world from human trafficking, to murder for hire and arms sales to child porn. 

With modern currency they have a relatively short lifespan but very old gold coins were probably involved in one (or a couple dozen) slave trades during their time in active circulaiton.  Should most ancient gold coins be melted down or blacklisted because they have the taint of slavery, genocide, rape, pillaging, etc?


Does it affect your conscience that you may be passing along "bad" money everyday?
Or is this moral poutrage merely limited to Bitcoin?

[DeathAndTaxes]

3)sleep with both eyes open.  reg.

I tried that but then I was so tired I fell asleep during the day and got robbed.

[muyuu]

Saw this paper, Lupus? http://fc12.ifca.ai/pre-proceedings/paper_84.pdf

How do you feel about their proposals to IMPROVE anonymity by mixing/laundering coins? from an academic paper no less?

Only lunatic and authoritarians think it's a good idea to control every little monetary exchange made by people. Money doesn't commit crimes.

[Lupus_Yonderboy]

Because the standard line is "Should've had more security" and then everybody goes on like nothing happened. Ho-hum, another large theft, wasn't my coins, you just should've had better security bro. It's your fault the coins were stolen, b/c you didn't have better security. Sorry about your loss. And now I will completely ignore where those coins went and look the other way as the thief sends me those stolen coins for whatever good/service I am selling.

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

I think you take this to the opposite extreme though. The thief is always the aggressor, but people need to be responsible for their property. This is why we have locks, security systems, etc. How can I feel bad for everyone who has their coins stolen when I've taken the steps to protect mine? At some point you have to realize that you need to be responsible with your own property instead of relying on everyone to protect you.

Security = proactive. Blacklist = reactive. Which method is preferred? Which method should we be pushing users towards? Why would I bother with the reactive one when I can help prevent people from having their coins stolen in the first place?

I'm not saying forego personal security and rely solely on a blacklist. There is no reason you can't do both. A blacklist is also proactive in that it removes much of the profit motive from theft. As an anaolgy, an off duty cop in a bank lobby is both proactive and reactive. He will help deter most casual bank robbers, but he is there to respond against determined attackers. Security is never 100% effective, somebody will always find an exploit. And in Bitcoin world this means the victim will be blamed for not having enough personal responsibility to get better security.

You can have the same potential abuse with cash, and banks will absolutely blacklist serial #'s they know were stolen.

I've never seen anyone checking serial numbers on cash, ever. Perhaps banks do, and maybe this is how it will play out in the Bitcoin world. Banks (exchanges) will check, merchants and users won't.

They don't always know , but if they just got a shipment of new bills in, they do. Also in the event of a ransom situation they always write down the serial numbers. A better analogy would be the way the US system handles counterfeit notes. Merchants check most bills they get and any that fail the pen test are refused. If any get through and the merchant tries to deposit them, the bank confiscates them and they are a loss on the business for not doing its due dilligence. The same thing if a person tries to deposit them into their personal account. A blacklist for stolen coins would pretty much be the same thing. Failing to check for validity is not the fault of the bank(exchange), but that of the business/end user. Especially since it can be seamlessly integrated into the client. And before the peanut gallery chimes in, yes I know bitcoins can't be counterfeited.

The quick answer is only do business with trusted parties.

Yes, as I expected. Well, this is why I use Bitcoin. So...

Meaning use a system like bitcoin-otc or somesuch. While I have never been there I would be extremely shocked if SR didn't have at least some kind of informal trust system. So if you are doing business with people that have no references anywhere, then don't be surprised if those transactions don't always turn out satisfactorily. Also, how does your purchaser know that you just didn't steal the gold that you are selling to him, or that you will even send him that gold?

People are going to get hurt regardless of what you do or do not do. Blacklists help make sure less people overall get hurt. Removing profit incentive from thefts will greatly lower the rate of thefts. Of course thieves will attempt to find a way to make their thefts profitable even quicker, but it will help deter most large thefts (unless those are just being done maliciously).

I think the thieves will just find new ways around the blacklist. The silk road, for example. I'm sure those people could care less about any blacklist, that should be obvious. It will also create a black market for blacklisted and clean Bitcoins, and then we get all the wonderful things that come with a black market...

There is a black market for counterfeit US bills too, ones that no bank will take, drug dealers will etc etc. Not so different. I hate to keep going back to that analogy but it is pretty apt.

It is this attitude that will relegate Bitcoin to being nothing more than a marginalized hacker currency.

The attitude that I want financial privacy? Why use something as volatile as Bitcoin otherwise?

Is that the only reason for people to use Bitcoin? If so, then we just need to stop wasting resources on trying to get any normal users to start using Bitcoin. Because whether or not it is true, the public perception is that if you need 100% financial privacy, it is usually for something illegal.

Only those who can deploy large byzantine security solutions should be able to have bitcoins without fear of them being stolen.

Well, as I've pointed out several times, there are new features that will make security quite simple for the average users. Multi-sig functionality in the default client, and Armory offline transactions. One of them is working and available today! And let's not forget, this is all beta software.

Awesome. If it is all beta software, then there is no harm in trying out a blacklist feature. If it works, great! If not, well its just beta software and we'll drop that feature in the next revision (and yes I already use Armory)

Any security a user can implement can be overcome by a determined enough person or group. And most security isn't going to help if someone knowledgeable has physical access to your server (*cough* datacenter employees *cough*) --but TPM looks interesting.

With multi-sig I could give you my computer containing my unencrypted wallet, and you won't be able to steal my coins. 

Multi-sig is definitely a huge step in the right direction. Most users don't have access to a secure offline computer to sign all of their transactions though. Is there a solution that would have helped Slush or Zhou out? Meaning multi-sig with businesses that need to do instant payouts. And yes, I know Zhou really did need 'better security' in the 1st place.

Also, precisely what advantages of Bitcoin are being given up here?

Financial privacy.

How? Nothing new is in the block chain that wasn't already there. If this stripped anonymity then it could be used to identify thieves, but it cannot. If your transactions were private before, they still are. Enhanced scrutiny of the block chain does not change this. If your transactions cannot bear close examination via the block chain, then you never were private.

[Lupus_Yonderboy]

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

Why would your conscience be affected by what currency was used for in the past?  Its asinine but it explains a lot.

You do understand that if you go to a bank and get one a hundred different bills the odds are some of those in the past were used for just to pay for just about every evil in the world from human trafficking, to murder for hire and arms sales to child porn. 

With modern currency they have a relatively short lifespan but very old gold coins were probably involved in one (or a couple dozen) slave trades during their time in active circulaiton.  Should most ancient gold coins be melted down or blacklisted because they have the taint of slavery, genocide, rape, pillaging, etc?


Does it affect your conscience that you may be passing along "bad" money everyday?
Or is this moral poutrage merely limited to Bitcoin?

The main one for me is knowing. You can't pick up a bill, or a piece of gold, and know its entire history. Bitcoins are different, because you can know every transaction they have ever been in. That's not a bug, that's a feature. You are, of course, free to ignore it and not use that feature, but that doesn't keep it from being there. To me, accepting and using money that has been involved with a theft is wrong. Obviously there are many people here who think that handling stolen property is just dandy. That is perfectly fine, but I do not have to do business with them. There is no law stating that I must accept their coins, at any value. I can establish my own criteria with whom I conduct transactions. If that criteria includes vetting the history of their money to satisfy my conscience, then c'est la vie.

"A coin is a coin" is often a moral cop out (for those that have them) because it lets a person ignore the possibility that some of the coins in their wallet are only there because they were stolen from somebody else. It lets them turn blind eye to the possibilty that their profits may be because somebody else is suffering. Of course there are people whose morals allow them to simply not care if coins are stolen, and others such as the original thief that are simply amoral.

Tell me, if gpumax paid you 15 btc tomorrow, and you found 10 of them came from slush's theft, would you give them back to slush?

[FreeMoney]

So you give Slush the money and he spends it on some sexy downloads, the porn site operator dutifully returns the coins to Slush because they trail back to a theft.

Boomerang coins!

The blockchain only shows that coins came from other valid coins, it is completely devoid of moral information.

[DeathAndTaxes]

Tell me, if gpumax paid you 15 btc tomorrow, and you found 10 of them came from slush's theft, would you give them back to slush?

Of course not.  If I was paid 15 BTC that means I gave up something of value for the 15 BTC I was paid (likely computing time in this example).  They aren't "slush" coins.

I also wouldn't try to track down the descendants of some roman house slave to return the gold coins their ancestor was bought with as some kinda of idiot reparations.   I am sorry Slush was robbed but I shouldn't lose value to make him whole and knowing Slush he would neither ask for expect it.

Bitcoin is about personal responsibility.  Freedom doesn't come without a price.  Freedom is the freedom to make a bad choice like keeping large sums of money in a virtual account a stranger has the backdoor to.  Freedom is also paying the consequence for that action.  I would imagine now many virtual host hot wallet owners are reconsidering and that consequence will have a positive impact. 

[westkybitcoins]

I think we are both talking to brick walls. To be honest, I can't see any reason you are interested in Bitcoin to begin with if you only want to change it into the systems already available.

Bingo.

[Lupus_Yonderboy]

No, in the world of blacklisted Bitcoins I can not risk accepting coins from an anonymous individual because they could end up being tainted if the theft is reported after my exchange. So, I have to keep records and exchange personal information for every transaction I do, in order to protect myself. I may have to take steps to recover my goods if I get stuck with some tainted, worthless coins. Now I have to be able to verify if identification is legitimate or not, see records of current addresses, etc. This all leads to the wonderful world of bankers and fees. Middlemen getting rich off of peoples' inability to protect themselves from theft. Systems we already have. I see no reason to trade all the advantages of Bitcoin away just for some lousy blacklist that will cause more harm than good.

It is your choice to keep records and such then. Nothing forces you to stop being anonymous. You *might* lose a transaction's worth of coins over the deal if they are still in your wallet. Nothing compels you to keep records or come forward if there is an issue.

To be honest, I can't see any reason you are interested in Bitcoin to begin with if you only want to change it into the systems already available.

Funny I can say the same about those wanting to turn Bitcoin into a glorified form of cash. Just use cash instead, it is far more anonymous and stable than Bitcoin. What I want to do has never been done with any currency, ever, because it was previously impossible. Besides, we already have bankers and fees, they're called exchanges. Exchanges are also a point of centralization, btw. Everybody rails against the centralization, yet they use the exchanges. Because of the centralization exchanges would also be the best place to administer blacklists.

Look, even if I am not the one to bring this now, somebody will sooner or later. Why? Because it can be done. Put it out there now, while we are in beta, and let the market sort it out. If nobody respects tainted coins then the whole thing falls apart and it can be permanently put to bed, with proof it doesn't work. Otherwise this issue will pop up every time there is a major heist, and there will be more thefts. Besides, for those who argue this will destroy Bitcoin, what happens if a determined attacker implements this? You don't need a majority of the network, only a few %, after which it snowballs.

I doubt I will convince you, and I've already changed sides after dwelling on it for quite some time, so I doubt you will convince me.

I know I won't convince you, especially after I noticed you made many similar arguments several months ago. Multi-sig has me seriously reconsidering my security argument. I will ponder the rest of it. I do want to thank you for being civil. I appreciate it.

[Lupus_Yonderboy]

Tell me, if gpumax paid you 15 btc tomorrow, and you found 10 of them came from slush's theft, would you give them back to slush?

Of course not.  If I was paid 15 BTC that means I gave up something of value for the 15 BTC I was paid (likely computing time in this example).  They aren't "slush" coins.

I also wouldn't try to track down the descendants of some roman house slave to return the gold coins as some kinda of idiot reparations.

I am sorry Slush was robbed but I shouldn't lose value to make him whole and knowing Slush he would neither ask for expect it.

Fascinating. It would be interesting to see the results of a professionally administered MMPI.

[westkybitcoins]

To be honest, I can't see any reason you are interested in Bitcoin to begin with if you only want to change it into the systems already available.

Funny I can say the same about those wanting to turn Bitcoin into a glorified form of cash. Just use cash instead, it is far more anonymous and stable than Bitcoin.

You can't shove cash into a USB port (or go to some random bank) and anonymously send it to someone else halfway across the world in a few seconds.

Further, no one is approaching central banks and trying to convince them to change their cash, or their systems. Instead, an entirely new product was created for the sole purpose of acting as digital cash, and we've all just decided to use it.

So forgive me, but your statements seem a bit disingenuous.

But let's suppose enough miners and exchanges relented and implemented blacklisting to cause "tainted coins" to not be worth receiving.

Let's also suppose that the masses of us who came to bitcoin for what it was then left and created Bitcoin 2, with automated coin-mixing. (Because believe me, that's what would happen.)

Would you be satisfied because your goal of turning bitcoin into the currency you wanted was achieved? Or would you begin advocating for anti-anonymity changes to Bitcoin 2 as soon as the first theft occured (or earlier?)

[Lupus_Yonderboy]

Funny I can say the same about those wanting to turn Bitcoin into a glorified form of cash. Just use cash instead, it is far more anonymous and stable than Bitcoin. What I want to do has never been done with any currency, ever, because it was previously impossible. Besides, we already have bankers and fees, they're called exchanges. Exchanges are also a point of centralization, btw. Everybody rails against the centralization, yet they use the exchanges. Because of the centralization exchanges would also be the best place to administer blacklists.

Well, yes I could use cash, and it would fit most of my needs. Except, it can be stolen (in person) much easier than Bitcoins. If I am meeting you face to face for a transaction, once we decide to complete the exchange, there are ways Bitcoin can protect me. A less secure option would be a locked phone with the Spinner app and just enough coins for the transaction. An extremely secure option would be family at home waiting for my email with the payment address. With Bitcoin, I can arrange to make a purchase from any stranger, and go to the place to make the exchange without carrying anything of value except a phone (and various other things that I don't leave home without). Same goes for selling items, I only need to take the items, and a way to check the block chain. Now, this may seem like a ridiculous precaution to some, but I like tools that provide me with additional security without too much complexity. Bitcoin is far superior to cash in this aspect. Plus carrying any large amount of cash can actually raise suspicion from "authorities" these days. Cash is easy to confiscate if those authorities decide they don't like what you are doing. I've read plenty of horror stories of authorities abusing their power against perfectly law abiding folks. Knowledge of my rights and knowing when to assert them goes a long way, but you can still find yourself in a bad spot without breaking a single law. So, I have to protect myself from criminals and authorities.

Also, I've never used a Bitcoin exchange. 

For face to face transactions, Bitcoin is no more secure than cash. The same methods used to forcefully take cash or items from you in a deal gone bad can also be used to force a bitcoin transaction. Most families would release the coins if their loved one was being held at gunpoint. I will agree that carrying a smartphone is far less obvious than a duffel bag/backpack full of cash, but anyone that can force you to give up the cash can also force you to send an email. I am not saying that it would be simple or easy for them to do, just that once your personal security is overcome Bitcoin and cash are equally insecure.

As far as authorities go you are correct. Having tens or hundreds of thousands in cash is often as bad as having drugs or similar contraband. On the other hand, courts are ruling that searching/copying cell phones during traffic stops without a warrant is legal. To be honest I haven’t been paying attention to any mobile bitcoin payment solutions, so I don’t know how resistant they might be to a tech inclined cop having temporary control over the phone and imaging it.

Look, even if I am not the one to bring this now, somebody will sooner or later. Why? Because it can be done. Put it out there now, while we are in beta, and let the market sort it out. If nobody respects tainted coins then the whole thing falls apart and it can be permanently put to bed, with proof it doesn't work. Otherwise this issue will pop up every time there is a major heist, and there will be more thefts. Besides, for those who argue this will destroy Bitcoin, what happens if a determined attacker implements this? You don't need a majority of the network, only a few %, after which it snowballs.

Honestly, I think it will happen at some point (if it isn't already happening at Gox, I don't know but some have suggested that it is to some extent). The reason I post in these threads is I want people to stop and consider a different point of view. Protect yourself and you should never need a blacklist. I understand that people calling for a blacklist have good intentions, as I did when I used to call for one. But I honestly believe that if it becomes commonplace, it will change Bitcoin into something less powerful. Tools are usually more useful if they have multiple uses! I've tried to show some ways that a blacklist can remove some of the usefulness of Bitcoin. And I'm sure there are plenty of examples I haven't even thought of yet.

I don’t see how protecting myself better equals not ever receiving stolen property.  Tools are indeed more useful when they have more uses and when they are used to their maximum potential. I am talking about taking the functionality already there in the block chain and leveraging that to make thefts worthless. 25k+ btc are a tempting reward for a group of hackers to spend weeks or months trying to break into a hardened target. Its not so tempting a reward if the coins can be rendered worthless immediately after the theft.

I know I won't convince you, especially after I noticed you made many similar arguments several months ago. Multi-sig has me seriously reconsidering my security argument. I will ponder the rest of it. I do want to thank you for being civil. I appreciate it.

I try to be civil as possible because I find one can accomplish so much more than they could with name calling or harsh language. I honestly want Bitcoin to be secure for those that find it useful and I want those calling for a blacklist to consider some of the possible negative unintended consequences that it may create. I think we can find technological ways to secure Bitcoins that will make theft practically impossible. I still think some genius will create a hardware "wallet" that will be easy to use, yet extremely secure. Imagine a wallet on a card that erases itself if the wrong pin/password is entered once. Of course you have a copy of the wallet safe at home! The more Bitcoin grows, the better the services and products that will grow alongside it.

We have technological ways to help prevent theft, multisig and blacklists . If you can successfully prevent all thefts by other means, blacklists lose any possible use. Your card idea is interesting, but only those who want to be exceptionally secure will use it because getting a new card when you f’d up entering your pin/password is a big PITA.

Also, I want people to be responsible. Perhaps the way society has evolved has taken much of that responsibility away from the individual. But thieves will normally find a victim, and all of society suffers for it, because someone is able to obtain power (money) without offering something positive in return. With Bitcoin, we have a chance to relearn responsibility where it concerns our money. This can be a very good thing if we continue to strive for it, and it may spread responsibility into other aspects of our lives (I'm thinking a global scale here). Instead of figuring out how to punish thieves, we can figure out how to prevent theft in the first place, and then we can move on to other abuses, after all, so much abuse comes from the desire to obtain money (power). If everyone on the planet was twice as responsible with their money as they are now, I think it would be a much better place to live in (of course I'm talking about responsibilities other than security now).

Unfortunately you still have to provide some kind of deterrent for the theft in the first place. Robbing a bank will get you 10 years or so in prison. If the police never chased any bank robbers or the courts never prosecuted them, bank robberies would vastly increase. No financial system could withstand that, even ones where you can just print more money at will. That’s what we have in Bitcoin world. We have no cops, no courts (and no I am not advocating for such), no way to punish those who commit crimes against others. We give thieves a free pass on their crimes every single time.

I too, am trying for a more secure Bitcoin. I believe in this project, and I came here from a tech standpoint. I am not afraid of changes to beta software, unlike a vast majority of people here. Seriously, if you don’t plan on changing it, make it production software and stop calling it a beta test. Just look at the discussions over BIP 16/17, or the people freaking out over BIP 30. The irony is extremely funny. A bunch of people want to use a revolutionary currency, but are absolutely terrified of any changes made to it. Bitcoiners are a lot more scared of changes to Bitcoin than bankers are afraid of changes to their system.  I really feel for the devs, because any time they suggest a change or a bugfix to the general Bitcoin public, people start running around with their hair on fire. (Note: For anyone just joining us, I am *not* suggesting a change to the actual protocol.)

[marcus_of_augustus]

Looks like the troll has a few of you hooked in to his empty, verbose arguments.

[Lupus_Yonderboy]

For face to face transactions, Bitcoin is no more secure than cash. The same methods used to forcefully take cash or items from you in a deal gone bad can also be used to force a bitcoin transaction. Most families would release the coins if their loved one was being held at gunpoint. I will agree that carrying a smartphone is far less obvious than a duffel bag/backpack full of cash, but anyone that can force you to give up the cash can also force you to send an email. I am not saying that it would be simple or easy for them to do, just that once your personal security is overcome Bitcoin and cash are equally insecure.

I see your point, but I still have to argue that Bitcoin is more secure than cash for face to face transactions. Many crimes are crimes of opportunity, and if there is no opportunity, there won't be a crime. And even the dimmest thug is going to think twice before turning a simple robbery into a kidnapping. Yes, if they are determined, they can kidnap me and attempt to force my family to pay, but I can tell them no all the same. Ultimately it's my choice (or my family's choice). Whereas if I'm carrying a bag of cash and get bashed over the head with a tire iron, I no longer have that choice. Perhaps small differences in the end, but differences that are important to me.

Any prospective thieves doing a face to face Bitcoin transaction with you will know that they need to force you to complete it. Its not like a random mugging escalating to kidnapping. They'll come knowing and ready to take you alive and conscious. I agree that it would be much more difficult to do that than just shooting someone in the back of the head and taking a bag full of money. I find it curious that you might place a price on what your life might be worth. Is there really an amount of bitcoins that you would rather die for than give up in a kidnap situation? I can always make more money if I am alive. No amount of money can resurrect me.

As far as authorities go you are correct. Having tens or hundreds of thousands in cash is often as bad as having drugs or similar contraband. On the other hand, courts are ruling that searching/copying cell phones during traffic stops without a warrant is legal. To be honest I haven’t been paying attention to any mobile bitcoin payment solutions, so I don’t know how resistant they might be to a tech inclined cop having temporary control over the phone and imaging it.

Interesting. I wonder how the officer is going to obtain my cell phone without a warrant when it's locked inside my glove box, inside my locked vehicle. No reason to make it easy for them to violate my rights.  

Oh, and if you have an android phone, you should check out Spinner. It's an amazing app, and I carry no more Bitcoins on my phone than I would cash in my pocket.

Your phone is not as secure as you think it is. Cops lie and cheat when they want. "I smell pot" during a traffic stop/checkpoint is probable cause enough for a search, and its impossible to disprove that in court. Planting a dime bag during the search is exceptionally easy, and who is the jury going to believe? Granted they usually reserve such behavior for those they strongly believe are doing something wrong. Also, most people carry their cell phones with them at some point when they are on foot, so its possible to lose control like that.

I just glanced briefly at the Spinner thread. In the context of security if you lose control of your phone to a tech savvy advesary, not only will they know the identity of your Spinner wallet, but by tracing the block chain they can pull all your other transactions from other wallets that you used to fund the mobile one. I know that you are exceptionally anonymity concious, so be careful. That is a potentially huge security risk.

I'm never more than 50 feet away from a connected computer or laptop, so I have no need for an Android phone

[DeepBit]

track. 1VayNert3x1KzbpzMGt2qdqrAThiRovi8

That was some evil example :)