caveden
Legendary
Offline
Activity: 1106
Merit: 1004
|
|
May 10, 2011, 09:54:02 AM |
|
I think the "use case" bitbills is trying to address is offline transactions, there the importance of the "face value".
|
|
|
|
genjix
Legendary
Offline
Activity: 1232
Merit: 1076
|
|
May 10, 2011, 09:58:46 AM |
|
You people forget that the public key is visible. Therefore you cannot invalidate the card because you can look up the bitcoin address on blockexplorer.com to see if it has the funds in that the card claims.
Once someone decides to crack open the card, they'll be the first to spend them.
BitBills should include some kind of serial code / id number which can be used to verify it on their website. That way you can verify that the card actually came from them. Maybe they could sell POS scanners that verify the tokens when swiped.
|
|
|
|
FreeMoney
Legendary
Offline
Activity: 1246
Merit: 1016
Strength in numbers
|
|
May 10, 2011, 09:59:24 AM |
|
I think the "use case" bitbills is trying to address is offline transactions, there the importance of the "face value".
Sure, but there is a place for one-sided-web-access-only transactions. I'm not talking about getting rid of the denominated cards, just another possibility. I think it would be pretty good since you could end up not destroying bills until they got large so the cost would be small as a %.
|
Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
|
|
|
jtimon
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
May 10, 2011, 11:10:16 AM |
|
Very cool, you can even store more of your bitcoins in the bitbill address. But I think paying directly with them isn't very secure. Here's an attack:
1) I purchase a bitbill. 2) I put out the stick and scan the private key. 3) I put back the stick 4) I pay with the billbit. When the merchant verifies the bitbill, your server says. "Yes, the 20 btc are still there". 5) I use the private key to extract the bitcoins
Maybe the sticks are so special that make 3 impossible, but I don't think so. Anyway, It will work great for gift cards and physical storing. A bitcoin client that imports private keys from IQ-codes would be useful.
|
|
|
|
hendi
Newbie
Offline
Activity: 57
Merit: 0
|
|
May 10, 2011, 11:19:34 AM |
|
Cool idea and a splendid realization! I've just ordered a few cards of each and hope to get my hands on these "real" Bitcoins soon
|
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
May 10, 2011, 11:27:02 AM |
|
Very cool project ... can go in many tangents .. more heads to hydra .... If we trust llama that he has destroyed any digital/electronic representation of the private key and the only place in the universe that it exists is inside that card then it is ready-made physical back-up as you would ever want to store large amounts of BTC. Just keep sending them to that public address on the card ... oh and remember not to give someone a BTC1 card that has BTC 10,000 loaded up on it! From the FAQ; "After each card has been produced and proven functional, we delete all records of the private key. This means that once the card leaves our hands, we can no longer access the associated bitcoins (be aware, this means we also can't help if you lose or destroy your card). Keypairs are generated on an offline computer that runs off of a flash drive which we will occasionally destroy in spectacular fashion." I mean if he is doing all this to physically secure those private keys who can be bothered doing this themselves? It is another little niche market, providing secure, physical private keys that are not part of the electronic network and never have been (thus not possible to be subject to electronic tampering). Addresses associated with private keys secured like this are very useful as savings accounts. Good anonymity initially too.
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 10, 2011, 03:52:01 PM |
|
You people forget that the public key is visible. Therefore you cannot invalidate the card because you can look up the bitcoin address on blockexplorer.com to see if it has the funds in that the card claims.
Once someone decides to crack open the card, they'll be the first to spend them.
BitBills should include some kind of serial code / id number which can be used to verify it on their website. That way you can verify that the card actually came from them. Maybe they could sell POS scanners that verify the tokens when swiped.
Problem is, a counterfeit operation could just add the same serial number to a card with the same public key. So they print everything on the exterior the same, but the private key inside is invalid. They could keep the real card and maintain the balance in the account so anyone checking the balance could see that it has a balance, but they can't actually access the balance because the private key inside of the card is fake. Very cool, you can even store more of your bitcoins in the bitbill address. But I think paying directly with them isn't very secure. Here's an attack:
1) I purchase a bitbill. 2) I put out the stick and scan the private key. 3) I put back the stick 4) I pay with the billbit. When the merchant verifies the bitbill, your server says. "Yes, the 20 btc are still there". 5) I use the private key to extract the bitcoins
Maybe the sticks are so special that make 3 impossible, but I don't think so. Anyway, It will work great for gift cards and physical storing. A bitcoin client that imports private keys from IQ-codes would be useful. The private key can only be accessed by destroying the card. It is literally hidden between layers of plastic. A hologram must be destroyed, and the card has to be cut apart in order to access it. At least, that's how I understand it.
|
|
|
|
Ian Maxwell
|
|
May 10, 2011, 03:57:24 PM |
|
Another idea: If you're going to continue creating small batches at a time, perhaps you should offer them via a second item auction (what eBay calls a "Dutch auction"). Set a minimum bid of face value, of course, or maybe even face value plus cost. It will maximize your profit and get these cards to the people who want them the most, meaning the people most likely to do something interesting with them.
I love the idea of buying a card and using it as a long-term "savings account". In fact, maybe BitBills should offer "savings cards" with no face value at all, for precisely that purpose! (Otherwise there's the small risk that the card will get mixed in with the rest of my money and I'll accidentally spend it for its face value.)
|
|
|
|
kiba
Legendary
Offline
Activity: 980
Merit: 1020
|
|
May 10, 2011, 04:00:00 PM |
|
I can counterfeit this by printing the public key, no?
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 10, 2011, 04:00:53 PM |
|
Yes kiba.
|
|
|
|
jtimon
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
May 10, 2011, 04:26:30 PM |
|
Ok, so even if the card must be destroyed in a way that cannot be repaired to extract the private key, the bills can be counterfeited: they're not secure for trading. The storing and gift uses are secure and I think you will sell a lot of them.
|
|
|
|
BitterTea
|
|
May 10, 2011, 04:41:49 PM |
|
Wouldn't it be pretty obvious that someone put a sticker over the public key code?
|
|
|
|
ben-abuya
|
|
May 10, 2011, 04:42:17 PM |
|
They're secure for trading insofar as you trust the holograms, so they're probably at least as secure as regular fiat cash.
|
|
|
|
Ian Maxwell
|
|
May 10, 2011, 04:43:41 PM |
|
Ok, so even if the card must be destroyed in a way that cannot be repaired to extract the private key, the bills can be counterfeited: they're not secure for trading.
Perfect security doesn't exist. You may as well say that Bitcoin isn't secure for trading, because someone could hack into your computer and replace your client with a counterfeit. These cards are quite secure enough for trading, as long as you aren't foolish enough to accept huge amounts of them from a single untrusted payer without auditing them first. Right now I'd accept payment of ฿20 or so in Bitbills from a stranger without even checking the balance, if they looked right. For large amounts like ฿100, I'd probably redeem a few of the higher denomination cards, but not all of them.
|
|
|
|
llama (OP)
Member
Offline
Activity: 103
Merit: 61
|
|
May 10, 2011, 04:54:44 PM |
|
I'm going to address a few points here. These are general topics of discussion, so I'm not going to bother quoting anyone in particular:
Bitbills are intended more for continued offline trading rather than instant redemption. A card that is intended to be redeemed as soon as the buyer gets home would be useful, but that's a different product. I'm looking at possibly making those (probably as a scratch-off card) in the future.
As far as mailing cards out without value, allowing "activation" at POS, etc, I have no plans to do this. The instant a card leaves our hands, we guarantee that it has the stated value on it. It would be devastating if somebody traded something for an unfunded card, not knowing that it was unfunded, only later to realize the card was worthless.
In addition to the design and holograms, we are funding every card from the same address. This provides a layer of security equivalent to the proposed serial (and with the same limitations).
I'm confident that Bitbills are presently secure against both tampering and counterfeiting. We will continue to add more security features to future versions. I certainly agree with SunAvatar; use common sense practices when trading with Bitbills, just like you would with cash or anything else.
|
|
|
|
FatherMcGruder
|
|
May 10, 2011, 05:04:47 PM |
|
Well here's a crazy idea that even I wouldn't like... bitbills.com could somehow backup the wallets they put onto the cards.
Put an expiration date on the card, say 10 years into the future.
If the card hasn't been imported by that date, bitbills.com can spend those coins.
What's wrong with that?
|
Use my Trade Hill referral code: TH-R11519 Check out bitcoinity.org and Ripple. Shameless display of my bitcoin address: 1Hio4bqPUZnhr2SWi4WgsnVU1ph3EkusvH
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 10, 2011, 05:19:49 PM |
|
Well here's a crazy idea that even I wouldn't like... bitbills.com could somehow backup the wallets they put onto the cards.
Put an expiration date on the card, say 10 years into the future.
If the card hasn't been imported by that date, bitbills.com can spend those coins.
What's wrong with that? It kills incentive to buy the cards as an easy way to hold bitcoins for the future. I picture it like having a stock certificate. You know you have it, you have proof you have it, there's no risk of digital loss, and you can open it up and redeem it at any time in the future.
|
|
|
|
FatherMcGruder
|
|
May 10, 2011, 05:31:12 PM |
|
It kills incentive to buy the cards as an easy way to hold bitcoins for the future. I picture it like having a stock certificate. You know you have it, you have proof you have it, there's no risk of digital loss, and you can open it up and redeem it at any time in the future.
Can't we just do that ourselves? Just print out the private key, lock it up, and delete it on your PC. Expiring notes will help new notes with better security get into circulation. A redeem or exchange by date on the bill itself will fairly keep the holder informed.
|
Use my Trade Hill referral code: TH-R11519 Check out bitcoinity.org and Ripple. Shameless display of my bitcoin address: 1Hio4bqPUZnhr2SWi4WgsnVU1ph3EkusvH
|
|
|
hohead
Newbie
Offline
Activity: 3
Merit: 0
|
|
May 10, 2011, 05:32:42 PM |
|
This is a fantastic idea llama. Great work!
Some Gov't agencies may not like the idea of this service, so please be careful.
Please be sure to maintain your anonymity while online, as you can never be too safe. Use Tor when using this forum, keep your domain name and website hosting out of the US, and pay for your website hosting using anonymous methods.
Keep up the good work!
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 10, 2011, 05:33:47 PM |
|
It kills incentive to buy the cards as an easy way to hold bitcoins for the future. I picture it like having a stock certificate. You know you have it, you have proof you have it, there's no risk of digital loss, and you can open it up and redeem it at any time in the future.
Can't we just do that ourselves? Just print out the private key, lock it up, and delete it on your PC. Expiring notes will help new notes with better security get into circulation. A redeem or exchange by date on the bill itself will fairly keep the holder informed. Good point. I still don't think expiration dates are necessary or wanted. I would rather have less currency in circulation, than have my bitcoins randomly expire because I forgot to redeem them by a certain date. I HATE expiration dates on things. If I get a gift card, I want it to be good for as long as I live. Same with gift certificates. Expiration dates are frustrating, obnoxious, and I would never purposefully buy something with them. I'm too forgetful of a person to buy money that expires.
|
|
|
|
|