Proposing new feature in Bitcoin protocol to reduce the number of thefts

[notbatman]

What makes you say that these coins are stolen?

We've chased our stolen coins here.

Serves you right you piece of shit thief.

[ElGrandJefe]

[SimonBeCoinin]

want to reduce the number of thefts?   get rid of unethical manufacturers like Black Arrow and jail the lying bastards that run them, including BlackArrow, who made a number of promises to consumers right here on this forum to sell their miners that have since been broken.

who knows if this claim of stolen BTC is even true in the first place?  that's a big assumption given the history of the OP. 

[Pentax]

Dear Bitcoin Developers,

We would like to propose a feature in Bitcoin protocol in order to reduce the number of Bitcoin thefts.

Real world scenario: attacker installs a trojan into your computer, downloads the Bitcoin wallet and keylogs your computer to get the password. The attacker can and will spend all your money and there's nothing you can do about it.

So, we would like to propose this feature to be added to Bitcoin protocol:

A "Time Lock" command for Bitcoin addresses.

    This will function in the same way as a safe does: The owner of the address will announce the network that he/she wishes to lock this address and will require X amount of minutes/days to be unlocked.
     This would mean that the Bitcoin network will require the user to issue the unlock command and wait for the timer to expire before allowing him/her to spend the money from that address. The GUI client must announce the owner that his address has been unlocked and display a countdown timer so he has a chance to take action.

     There's a problem with the above scenario: as the hacker has access to the keys, the owner still cannot stop spending because he/she can lock the money again but the attacker can unlock them, triggering a race that leads only to a draw (permanent lock of the funds) or the attacker to win (as the hackers are dedicated to make software that will trigger their transaction faster or will spend higher commissions to get the transaction processed quicker etc).

Here is the solution to this problem:

    Lock command will also require an emergency backup address. A 2nd lock command issued will not allow to change the emergency backup address. If the attacker triggers the unlock command and the real owner wants the money back, he/she can issue an emergency recover command and the network will send the money to the emergency address (that was set-up when the first lock command was issued).  It is important that transfer will be completed only after the lock timeout expires and the new address will be locked again for the original timeout. This is required in order to give a chance to the real owner to issue the last and final command (if the hacker had managed to get access to the 2nd address as well).
    The last and final command that can be issued by the real owner of the new address will be to destroy the funds. The funds will be destroyed, not sent to the miners. This is important in order to deter the hackers to develop any other techniques to steal the money (for example few days ago I read that they hacked 6 ISPs and redirected the whole hashing power towards themselves). If we do not destroy the funds, we are inviting them to hack our hashing power.


To summarize:

   lock(address, delay, emergency address)
      note: a new lock command, issued while the lock is active, will not accept to change the emergency address or the delay.
   unlock(address, where_to_spend);
      note: a new unlock command will refresh the timer to the original lock command. If a previous unlock command was issued with no address to spend, there will not be accepted any new addresses
   issue_emergency(address);
       will cancel any unlock commands and send the money to the emergency address set with original lock(). emergency address will be locked for the same amount of time as issued by original lock(). No further unlock commands are accepted.
   destroy(emergency_address);
       can be issued only on emergency addresses that are locked. it is important that this transaction to be signed by emergency_address only as we do not want the hacker that has access to our original address to be able to destroy our saved funds.

   

Regards!

Dear BlackArrow,

Nobody cares if someone stole from you.  That it was possible only serves to further display your utter incompetence, as anyone but a total noob understands the concept of cold storage.  Furthermore, I doubt that this amount is anywhere near what you have cost your customers with your false promises, production delays, and refunds that were never made.

Please go back to building your miners that start on fire and concocting reasons not to keep promises you made to customers to sell them mining units while whining about everyone one else for the numerous miserable failures of your company.  While you clearly suck at all of that too, or your miners wouldn't be this late nor starting on fire, I'm sure that you're better at that than at contributing anything meaningful to the bitcoin protocol.

You've wasted more than enough of people's time already and done quite enough damage to the bitcoin community as well, so please go crawl back under whatever rock you slithered out from under in the first place.

Regards!

[inBitweTrust]

I didn't even realize that the original poster was a asic company. Wow, perhaps this is a disingenuous thread where he is merely manufacturing evidence as to a supposed theft that he is "concerned" about as a excuse to not fulfill his obligations.

What is up with this?

https://bitcointalk.org/index.php?action=trust;u=105804

[Waramp22]

Dear Bitcoin Developers,

We would like to propose a feature in Bitcoin protocol in order to reduce the number of Bitcoin thefts.

Real world scenario: attacker installs a trojan into your computer, downloads the Bitcoin wallet and keylogs your computer to get the password. The attacker can and will spend all your money and there's nothing you can do about it.

So, we would like to propose this feature to be added to Bitcoin protocol:

A "Time Lock" command for Bitcoin addresses.

    This will function in the same way as a safe does: The owner of the address will announce the network that he/she wishes to lock this address and will require X amount of minutes/days to be unlocked.
     This would mean that the Bitcoin network will require the user to issue the unlock command and wait for the timer to expire before allowing him/her to spend the money from that address. The GUI client must announce the owner that his address has been unlocked and display a countdown timer so he has a chance to take action.

     There's a problem with the above scenario: as the hacker has access to the keys, the owner still cannot stop spending because he/she can lock the money again but the attacker can unlock them, triggering a race that leads only to a draw (permanent lock of the funds) or the attacker to win (as the hackers are dedicated to make software that will trigger their transaction faster or will spend higher commissions to get the transaction processed quicker etc).

Here is the solution to this problem:

    Lock command will also require an emergency backup address. A 2nd lock command issued will not allow to change the emergency backup address. If the attacker triggers the unlock command and the real owner wants the money back, he/she can issue an emergency recover command and the network will send the money to the emergency address (that was set-up when the first lock command was issued).  It is important that transfer will be completed only after the lock timeout expires and the new address will be locked again for the original timeout. This is required in order to give a chance to the real owner to issue the last and final command (if the hacker had managed to get access to the 2nd address as well).
    The last and final command that can be issued by the real owner of the new address will be to destroy the funds. The funds will be destroyed, not sent to the miners. This is important in order to deter the hackers to develop any other techniques to steal the money (for example few days ago I read that they hacked 6 ISPs and redirected the whole hashing power towards themselves). If we do not destroy the funds, we are inviting them to hack our hashing power.


To summarize:

   lock(address, delay, emergency address)
      note: a new lock command, issued while the lock is active, will not accept to change the emergency address or the delay.
   unlock(address, where_to_spend);
      note: a new unlock command will refresh the timer to the original lock command. If a previous unlock command was issued with no address to spend, there will not be accepted any new addresses
   issue_emergency(address);
       will cancel any unlock commands and send the money to the emergency address set with original lock(). emergency address will be locked for the same amount of time as issued by original lock(). No further unlock commands are accepted.
   destroy(emergency_address);
       can be issued only on emergency addresses that are locked. it is important that this transaction to be signed by emergency_address only as we do not want the hacker that has access to our original address to be able to destroy our saved funds.

   

Regards!

Instead, why don't you propose a system where after you manufacture bitcoin mining hardware with customer preorder money, you deliver it to your customers in the advertised time period, with the advertised compensation plans, with the advertised quality.

Even better, when customers ask why their orders have yet to be manufactured even 6 months after your revised ship date, you tell them the truth and explain the current compensation plans instead of worrying about your untouched bitcoin hoard and funding the next 14nm preorder scam.    

[juju]

What about the project Hal was working on: bcflick - https://bitcointalk.org/index.php?topic=154290.0

I have not found enough time to try to setup a machine as he describes(Maybe during holidays), however the setup he has is essentially what your talking about.

Also if anyone has any more info outside of that thread on this project, I would be happy to read the information or at-least save it for when I have free time. Did anyone continue working on the project?

[SimonBeCoinin]

I didn't even realize that the original poster was a asic company. Wow, perhaps this is a disingenuous thread where he is merely manufacturing evidence as to a supposed theft that he is "concerned" about as a excuse to not fulfill his obligations.

What is up with this?

https://bitcointalk.org/index.php?action=trust;u=105804

that's the very first thing that went through my head.

"gee, isn't that convenient"

people have been saying all along that they can see their btc sitting in the wallets they sent them to to pay these people.  Meanwhile they're crying poor and saying they can't refund, after promising they would and people say their btc are sitting in plain view.   

and now they've suffered a theft. 

could be totally legit, but it could also just be yet another suspicious move out of a company that seems to ooze them like some people sweat.

and the trust ratings?   they earned each and every one I'm sure.  they've also left negative trust for people claiming they're not customers that are being paid to post in their thread, while in an online article they admit they have no proof of those claims.  they've set up a bot in that thread to delete some people's posts automatically, which is why that BlackArrow user is signed on 24/7, and have done whatever they can to control information going back months, including deleting 100 pages or so from that original thread and deleting comments and entire threads from their forum. 

is it that much of a stretch to think they would actively spread misinformation by doing something like this as a gambit?  not for me it's not.  I've been watching this for months and don't believe a word they say at this point, nor trust that their motives on any action are not on some level self-serving. 

[btmtb]

It had become quite clear that blackarrow were sitting on the value of the orders paid in BTC, seeming to a casual observer to possibly be playing currency investment game, hoping to cash out on a rise. People asked repeatedly whether these had even been declared as income/assets on your balance sheets only to have the question evaded. It seems very convenient that they've now been 'stolen'. I do hope we can get to the bottom of this, have you any information you can share as to why why you think they were stolen? I know it was mentioned in your main thread (before you deleted several 100 pages) that several people had contacted the HK Inland Revenue Department to ask them to investigate whether you had declared these, perhaps you have more details you could share about this 'theft' that will clear these things up?
 
Without wanting to lend credibility to this incredulous story, have you perhaps asked your team member who you claim stolen all your customer/victim contact information to XBtech (remembering xbtech say they bought it from you, and this has never been satisfactorily resolved)?

Regarding your proposal, I believe that better adoption and support of mutlisig would achieve a suitably equivalent improvement if used properly, and this has the benefit of already being partially supported/implemented and is far more adaptable moving forward, less limited to a specific use-case.

[MichelG]

Another trick from Black Arrow for not refunding their customers ! These psychotic monkeys are thieves, scammers, and incompetent ! Stay away from anything coming from them... Last but not least, their PSU are burning and exploding ...

This kind of firm must be ERASED from the BTC / crypto-currencies world ! They have done too much damages...

Regards!

[goozman96]

Anyone who has bitcoins tied up with black arrow, check to see if those coins are still sitting in the original wallet you sent them to, or if they've been 'stolen' like BA is trying to make it seem.

Also, just for fun, since this isn't a self-moderated thread:

Alexandru Ion Sovu is a Romanian scammer running a fraud of a business by the name of Black Arrow.
Find their personal info here:
http://www.kiwi.nz/blackarrow/
https://www.facebook.com/alex27a
Dukesbridge House, 23 Duke Street, Reading, Berkshire, RG1 4SA
cardreaderfactory.com
http://companycheck.co.uk/director/914928330
http://black-arrow-information-technology-shenzhen-co.imexbb.com
http://alexsovu.blogspot.com

[Waramp22]

If you have purchased any equipment from Black Arrow Software, here is how to file a complaint with the Hong Kong Consumer Council

The company is registered in Hong Kong, so the proper agency from what I have been able to find out so far is the Hong Kong Consumer Council.

They request some documents and need to establish that this is a Hong Kong registered company before they will agree to pick it up, therefore:

Send the annual report http://www.filedropper.com/ps30001577654901 along with the documents they have requested. Those documents are:

1. The invoice showing you paid
2 your bank or payment records showing the payment
3. any e-mail or support discussions you've had
4. The annual report referenced above.

Here's the link to file a complaint if you decide you want to do that.

https://www.consumer.org.hk/cc-complaint/index.php?lang=en

Also indicate that their TOS indicates Hong Kong law.

15.2 Applicable law and dispute resolution
16.2 1 This Agreement shall be interpreted and applied in accordance with the law of Hong Kong S.A.R. of PRC.


Black Arrow LTD
Room 1701, 17/F, Henan Building, No. 90-92
Jaffe Road
Wanchai, N/A
Hong Kong
PHONE: +852 8199 0849

Other forum users who are in on the scam.
Lexx2k
David105396
Bobsag3

[greenlion]

So, we would like to propose this feature to be added to Bitcoin protocol:

A "Time Lock" command for Bitcoin addresses.

Are you aware that Bitcoin addresses do not exist on the blockchain or in the protocol?

And that "addresses" are not spent, "outputs" are.

And that transactions don't have timestamps?

And that the timestamp on a block is unreliable as an indication of current real-world calendar time?

And that the change you are proposing would require so much modification to the way the protocol works that it would likely destroy the consensus system and the fungible nature of bitcoins?

Are you aware that 10% of the bitcoins in circulation are currently stolen?

Are we going to do anything about it?

One obvious first step is suing the hell out of you for stealing millions of dollars from your mining customers.

[Gleb Gamow]

So, we would like to propose this feature to be added to Bitcoin protocol:

A "Time Lock" command for Bitcoin addresses.

Are you aware that Bitcoin addresses do not exist on the blockchain or in the protocol?

And that "addresses" are not spent, "outputs" are.

And that transactions don't have timestamps?

And that the timestamp on a block is unreliable as an indication of current real-world calendar time?

And that the change you are proposing would require so much modification to the way the protocol works that it would likely destroy the consensus system and the fungible nature of bitcoins?

Are you aware that 10% of the bitcoins in circulation are currently stolen?

Are we going to do anything about it?

Yes we are Alex Sovu, by exposing your ass for stealing millions of dollars due to non-deliveries of your Black Arrow pieces of shit.

[bigasic]

So, we would like to propose this feature to be added to Bitcoin protocol:

A "Time Lock" command for Bitcoin addresses.

Are you aware that Bitcoin addresses do not exist on the blockchain or in the protocol?

And that "addresses" are not spent, "outputs" are.

And that transactions don't have timestamps?

And that the timestamp on a block is unreliable as an indication of current real-world calendar time?

And that the change you are proposing would require so much modification to the way the protocol works that it would likely destroy the consensus system and the fungible nature of bitcoins?

Are you aware that 10% of the bitcoins in circulation are currently stolen?

Are we going to do anything about it?

Yes we are Alex Sovu, by exposing your ass for stealing millions of dollars due to non-deliveries of your Black Arrow pieces of shit.

I was wondering when Gleb was going to show up!.. good job, keep at it..

[roshii]

Instead, why don't you propose a system where after you manufacture bitcoin mining hardware with customer preorder money, you deliver it to your customers in the advertised time period, with the advertised compensation plans, with the advertised quality.

+1

Cannot say that better!

I was wondering for some time if I was reading correctly?! BA talking about bitcoin protocol?!?
Nothing else better to do at the moment?!?!?!?  Un-fu****-believable...

[ElGrandJefe]

Instead, why don't you propose a system where after you manufacture bitcoin mining hardware with customer preorder money, you deliver it to your customers in the advertised time period, with the advertised compensation plans, with the advertised quality.

+1

Cannot say that better!

Was I was wondering for some time if I was reading correctly?! BA talking about bitcoin protocol?!?
Nothing else better to do at the moment?!?!?!?  Un-fu****-believable...

They're still looking for suckers investors to finance their 14nm SHA256 ASIC and scrypt ASIC chip development.

Oh yeah, and frantically searching for new excuses as to why they're still not shipping.

[Rawted]

One of my favorite threads in recent memory. Nothing like some good old fashioned community vigilantism!

[Waramp22]

[ElGrandJefe]

Quoted to boost page rankings:

Black Arrow Software - Bitcoin Miner Scam
SCAM: Black Arrow Software