I had my account hacked on localbitcoins and I can see that the bitcoins that were left are still in the localbitcoin wallet and all they do is ignore my emails to give me back my account. They are trying to steal my bitcoins without any shame doing so.
First, Gladoux, can you explain how that part I bolded was accomplished? LBC moves deposited coins within several minutes of the deposit, so there's no way to know if they still control them, or whose account they are in if they do, by examining the blockchain, unless there is a comprehensive list of all addresses that LBC owns. Is there?
Anyway, I suspect that LBC ignores emails from addresses that are not assigned to their customers. If I were LBC, I'm pretty sure that rule would be created pretty early. Or maybe they didn't ignore the email, but wanted to wait for more evidence that the sender was the original owner of the account. If your account has been compromised, it is reasonable to assume that other accounts of yours (like email) may also have been compromised. Glandoux and LBC can both improve their operations:
- Glandoux could put a little more effort into giving LBC the benefit of doubt. In the first post about the problem, he called them thieves.
- (Maybe) Gladoux could improve his method of protecting his LBC account.
- LBC can keep a history of old email addresses whenever a customer changes their email address (I'm guessing they don't).
- LBC can establish policy on handling claims of hacked accounts and let everyone know about it.
- LBC should have a hidden set of hoops that a customer must go through in order to prove they are the actual owner once someone makes the claim that their account has been hacked.
A simple protocol would be to sign something with a private address to which some bitcoins have previously been sent, or which has been established earlier (when the account was not compromised) as the account holder's signing address.
I am interested in helping LBC establish that "hidden set" if they are interested. Some of my ideas can be found in the archives of my mailing list (there's a link
at the top of my LBC profile
of the same username). LBC, please feel free to contact me if you think my ideas might be worth exploring. I think your business has the potential to replace the three credit reporting agencies in the US, if not other government-privileged holders of monopolistic services.