Bitcoin Forum
December 09, 2016, 04:09:50 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Proposal for increased security : delayed transactions  (Read 1809 times)
DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 02:07:15 AM
 #1

If you plan to comment, read at least this Abstract :

I am proposing a simple "cancellation" of orders based on the following mechanism :

- A new set of address is created, those address have a associated "timestamp" value. Lets call them "safeAddress".

- When making a transaction from a safeAddress to a normal bitcoin address, the coin are "blocked" for a period of time corresponding to the timestamp.

- At any time, a safeAddress can be "destroyed", and all coin in the address AND all coins in transfer from this safeAddress are send back from the previous address where they were received.

- This dont impact at all "normal" feature of bitcoin (transfer from "normal" address are still instantaneous) but allow for a very safe banking system, no trust required on a single party, and finally make it very easy for casual users to have a very safe account.

In my opinion, the multi signature solution is aimed at a more expert population and I am not sure it can address the case where a user has a single bitcoin-machine and is totally neophyte. As well, it handles the cases where someone is asked with a gun to give his credentials and to transfer its bitcoin.

Would you rather prefer to be able to send 100k instantly all the time or would you rather prefer that for huge amounts a "rollback" period  would be possible ?
Honnestly, how often do you really need huge amount to be confirmed instantly versus the safety of your stash ?

I am sure that most people would of course prefer the second option.
But my solution does not remove the freedom that bitcoin provides as old address can still be used, it merely gives people more freedom over how they wanna store their bitcoins.

---
Old post (more detailed) below :

---

I am an avid bitcoin supporter since almost a year. And I am French as well, so don't feel offended by my bad grammar Smiley In my opinion, the biggest issue with bitcoin is still his security : While the anonymity and easy to transfer mechanisms bitcoin provides are very useful, they are also a goldmine for crooks and malevolent hackers.

This is in my opinion a problem for casual bitcoin users as it requires very secure bitcoin usage and this in turn requires users to be very knowledgeable to use bitcoin safely.

This problem is even worse for people wanting to use bitcoin as a store of value or banks : banks needs to have a huge level of trust in all its employee and security while users wanna store big value in bitcoin needs to be very safe in their usage.

My proposal aim to raise bitcoin to a new level of security while still retaining the current mechanism bitcoin offers.

This is an idea I have been having for almost 6 month now, and I think it is a very good one, provided it can be integrated into the bitcoin protocol without many technical issue. I have started to think about it for quite some time but only find the motivation to write about it just now, following the yet another theft of the linode / bitcoinica coins.

I know there has been some talk about multi key transaction, but as I am not totally aware of the consequences of this evolution I wont comment on this. However I don't think this evolution can address all the points my proposal is aiming to achieve.

-----------
Aims :
-----------

Specifically, I would like the following points to be possible :

ex A - I am having a party at my house with all top hackers in the worlds, which are all evil and dream of stealing my bitcoins. My wallet is open on my computer and I am having post it with the password all other my house. I still dont wanna loose my precious coins Smiley

ex B - Hazardous events like thief of a mtgox wallet can be not much of an issue.

ex C - Malicious users inside a huge banking compagny running with bitcoin does not raise any security issue.

ex D - Death or an accident (a compagny office burning with keys) does not threatens the wallet. Same thing if some exchange owner (like mtgox) dies or any other hazard happens.

ex E - Loss probability of wallet is almost impossible.

To adress points such as eD & eE, the only solution is to have many many duplicate of the key. Which raise the probability of theft in turn... How can we overcome all these problem at once ?

Onto my proposal, having a new set of address that allows the following :

pA - Allow “destruction” of address that send back coins where they came from. This of course requires a “timeframe” within which transactions are not yet confirmed.

pB - Allow cancelation of address, since we now have non instantaneous transactions for some bitcoin address. These address are only meants to be used for stash and exchanges, as they are not meant to be instanaous payments, but rathers transactions within trusted peers.

-----------
Implementation :
-----------

Create a new set of addresses which have an associated integer that encodes a timeframe where transactions can be cancelled.
Coins can still be received instantly (the delay depends on the origin address not on the incoming).

We now have two sets of address :

- The "old" ones, which can send bitcoins instantly.
- The new ones, which can send bitcoins with a delay defined by a time identifier (for example
address CHARGEBACK-1WEEK-12WG4sSQ4aJs7ELWyLSG2EkovRAobHYem4)

For example, I could use for my stash wallet a timeframe of 3 month : This essentially means that if I try to move coins from this wallet to another adress, the transaction will only be effective in 3 month. In the meantime, the transaction can be canceled at will.

In case of thieft, as there is no way in the protocol to distinguish between the original owner of the adress and the thief, we need to have a special mechanism thats left to be determined that allow any of the address owner (the legitimate or the thief) to “cancel” the address.

This mechanism can be to send a number of coins to a special address or anything special in the protocol (or for example 2 cancellation in a row, etc.). If this mechanism is raised, all the coins in the address are transferred back from where they were sent.

In case where an address has received 100 coins but for example only have 75 lefts those 75 coins can be spreaded evenly as if they were 100 (meaning each coin received from an address get 0.75 coins)

-----------
Example :
-----------

- So what does this mean ? Say all my coins stored on my personnal 3-month wallet have been received from mtgox. If someone now hacks my wallet, I now have 3 month to activate the mechanism that “destroy” the address and all the current transactions will be cancelled while all the coins will be then sent back to the mtgox address from where they were received.
This would create a bit of hassle for mtgox in this example but would still be far far better result than having my coins stolen.

- So now I want to have a very very safe wallet. How can I do this ?
I make a 1 month wallet, while I ask two of my friend Kris and Adrien to do the same. Now I send my coins from mtgox to the Kris wallet, then Kris send them to Adrien, then Adrien send them to my 1 month address.

Now if a hacker wants to get my coin, he has to hack me, I would then destroy the address, then he would have to hack Adrien, then Kris, then mtgox itself etc.
This makes my coins impossible to steal. And I can now use a simple passphrase that I can copy paste everywhere at my home so I’ll never forget it, so the risk of loss is even further reduced.

Now I can have my big party with hackers in the house and feel safe ! Smiley

But most importantly, this would make bitcoin so much better for banks...

Banks could use interconnected wallet network (mtgox send money to bitcoinica which send money to i-dont-know-who) where all the “big” wallets require something like a week to confirm transactions. Now any issue of the wallet security for banks is almost solved. Keys can be duplicated many times and trust amount employee does not need to be so paramount.

Even “hot wallet” can still be configured to be able to cancel transaction for one hour or so.

-----------
Conclusion :
-----------

As demonstrated in my examples, I think this proposal would make bitcoin incredibly secure and allowing it to be more newbie friendly as well as newbie would not have to worry too much about security as well. Instead they would just have to check their wallet from time to time to see if nothing is unusually missing, as they are doing with a normal bank account.

This would as well make the life of bitcoin banks very much easier as the amount of trust thats needs to be put on employees would be minimal. Any theft could be seen and undone very fast.

Ultimately, this would destroy most of the incentive for malicious hacker. With low chance of being successful at theft those would be reduced drastically.

All those aspects combined with the limited money supply from bitcoin protocol could make bitcoins a incredibly strong store of value.

-----------
Remarks :
-----------

- I don't think it is worth creating a new currency just for this. I really dislike the idea of many peer to peer currency nearly equivalent to bitcoin. I think more trust is gained by having a single powerful currency.

- I don't think this idea goes against the philosophical roots of bitcoin : users are still in control without central entities, most address for day to day uses can still stay “normal” address with no cancel of transaction possible. And merchants would be advised to refused cancellable transactions as payments.

Much love to all the bitcoin supporters !
12tJv59aMdYt7figQ2BnHG2sHmcEdUYMW6 Smiley

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481256590
Hero Member
*
Offline Offline

Posts: 1481256590

View Profile Personal Message (Offline)

Ignore
1481256590
Reply with quote  #2

1481256590
Report to moderator
1481256590
Hero Member
*
Offline Offline

Posts: 1481256590

View Profile Personal Message (Offline)

Ignore
1481256590
Reply with quote  #2

1481256590
Report to moderator
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784


firstbits:1MinerQ


View Profile WWW
March 11, 2012, 02:17:35 AM
 #2

Umm. You're adding reversibility to transfers for a long time period. No one is ever going to go for that. I could pay for something and then 2 months later reverse it claiming theft. We already have Paypal for that. Sorry.

DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 02:23:02 AM
 #3

I am only proposing that some address have reversibility. A minority of address used for stashing and banks, which should be well-distinct from others address so that anybody can freely refuse to receive transactions from those address as payments.

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
ArticMine
Legendary
*
Offline Offline

Activity: 1806


Monero Core Team


View Profile
March 11, 2012, 02:23:27 AM
 #4

...
For example, I could use for my stash wallet a timeframe of 3 month : This essentially means that if I try to move coins from this wallet to another adress, the transaction will only be effective in 3 month. In the meantime, the transaction can be canceled at will.
...
Are we talking a protocol change to allow for chargebacks here?

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 02:24:36 AM
 #5

Yes I am proposing a kind-of chargebacks (not sure about the term ?) for some address.

I am not too sure about the implications for the bitcoin protocol, hopefully not too huge if we create a "new" set of address specifically for this (but probably still an huge change..)

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784


firstbits:1MinerQ


View Profile WWW
March 11, 2012, 02:31:10 AM
 #6

I don't think you're going to find anyone who will accept a payment from an address that takes 3 months to clear. Not if there is a service or product involved that can't be taken back.

So presumably the only way is to send payment to one of your own regular addresses before then spending on to a vendor? But for this to be useful that transaction has to be carrying the "hold" onto transactions down the chain otherwise any thief could just do the same. In which case the whole thing is pointless.

bitcoinsarefun
Member
**
Offline Offline

Activity: 98



View Profile
March 11, 2012, 02:35:05 AM
 #7

good idea, now create your own fork and get people to adopt it
DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 02:36:22 AM
 #8

I don't think you're going to find anyone who will accept a payment from an address that takes 3 months to clear. Not if there is a service or product involved that can't be taken back.

Yes

So presumably the only way is to send payment to one of your own regular addresses before then spending on to a vendor?

Exactly

But for this to be useful that transaction has to be carrying the "hold" onto transactions down the chain otherwise any thief could just do the same. In which case the whole thing is pointless.

I am not sure what you meant here. The easiest way to have this is to have a special identifer in front of one of those address (like : 3MONTH-12WG4sSQ4aJs7ELWyLSG2EkovRAobHYem4).

But yes, one of those address should not be used for payment, and coins could be "moved" again only after the deadline is elapsed (with the blockchain acting as the time-mesurment). I dont think it add many burden to the blockchain.

I dont think this is a problem for miner, as long as they are rewarded... accordingly in fees.

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
bitcoinsarefun
Member
**
Offline Offline

Activity: 98



View Profile
March 11, 2012, 02:42:10 AM
 #9

What happens when I really need the bitcoins but am unable to touch them for 3 months? Also, what if I accidentally set up an address that cant be spent for five years ?
DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 02:43:58 AM
 #10

Dont know, you might sell them for a discount to someone.
You would need to provide sufficient personal information so the buyer can trust you... Better someone you know.

But you cant bypass this. But 3 month was just an example, the idea is that you can set up the duration you want when creating a "chargeback" address.

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
bitcoinsarefun
Member
**
Offline Offline

Activity: 98



View Profile
March 11, 2012, 02:46:33 AM
 #11

Dont know, you might sell them for a discount to someone.
You would need to provide sufficient personal information so the buyer can trust you... Better someone you know.

But you cant bypass this. But 3 month was just an example, the idea is that you can set up the duration you want when creating a "chargeback" address.

I'm not a fan of anything that is going to cut me off from my own money ...

Why is this better than just taking my wallet offline completely? It seems I could accomplish the same thing ( minus the chargeback ) by doing that ...
DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 02:52:11 AM
 #12

You could. It's just a different layer of security.

But now if you are a bank and need to use your wallet... Wouldn't a security margin of 1 day or so makes you feel better ?

For myself, being able to store my password in daylight and have duplicate of my wallet without worrying too much about my stash security would feel good.

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
bitcoinsarefun
Member
**
Offline Offline

Activity: 98



View Profile
March 11, 2012, 03:05:57 AM
 #13

take some time to read up on the multi sig features coming... they solve exactly what you are trying to accomplish ( problem of the stolen wallet ) , without chargeback ...
DarkEmi
Full Member
***
Offline Offline

Activity: 215


View Profile
March 11, 2012, 03:24:07 AM
 #14

You cant use bitcoins while they are still "cancelable".

They are in "hold"... or something. They are effectively in the new address only once the cancellation period is over.

speculate on the mtgox price - http://www.btcoracle.com/
buy Mastercoin - http://masterxchange.com
niko
Hero Member
*****
Offline Offline

Activity: 742


There is more to Bitcoin than bitcoins.


View Profile
March 11, 2012, 03:28:00 AM
 #15

I think I understand what you are saying.

What your suggesting is we have another type of address where you can reverse the transaction, so this can be used for stashes and banks.

Here's a big problem with this:

I send 100BTC using my stash address to my normal address

I use my normal address to buy something off someone for 100BTC

I then cancel the transaction I made from my stash address to my normal address


What happens to the BTC the seller got?

The seller only got the BTC once the transaction has been signed by all sending parties.

They're there, in their room.
Your mining rig is on fire, yet you're very calm.
notme
Legendary
*
Offline Offline

Activity: 1526


View Profile
March 11, 2012, 04:17:54 AM
 #16

take some time to read up on the multi sig features coming... they solve exactly what you are trying to accomplish ( problem of the stolen wallet ) , without chargeback ...

+1

What usecase does your solution have that multisig can't handle?

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
12jh3odyAAaR2XedPKZNCR4X4sebuotQzN
ripper234
Legendary
*
Offline Offline

Activity: 1260


Ron Gross


View Profile WWW
March 11, 2012, 07:30:22 AM
 #17

I proposed something very similar/identical just a couple of days ago ... and then retracted it. It doesn't seem to be necessary.

Please do not pm me, use ron@bitcoin.org.il instead
Mastercoin Executive Director
Co-founder of the Israeli Bitcoin Association
Killdozer
Full Member
***
Offline Offline

Activity: 204



View Profile
March 11, 2012, 08:40:49 AM
 #18

This of it this way: does your average physical 50-dollar (or whatever they have in france) bill have or need a chargeback functionality?  Wink
Bitcoin is more like cash, not like a credit card.

Meni Rosenfeld
Donator
Legendary
*
Offline Offline

Activity: 1890



View Profile WWW
March 11, 2012, 10:45:26 AM
 #19

I wonder if this can already be done with the right script.

I proposed something very similar/identical just a couple of days ago ... and then retracted it. It doesn't seem to be necessary.
It's similar but the proposed use case is different. Here the focus is not on merchant payments, but on personal wallet security. I think there are security schemes that are possible with this but not without it, and some people might want to use them.

Also, in this proposal, you don't reverse just the offending transaction from the address, you reverse both this transaction and the previous transaction to this address (and have the funds return to a different, presumably uncompromised address). This is what allows it to have security implications. (If you reverse just one transaction, a hacker could just make the transaction again).

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!