Author [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] Topic: Stolen fund alert system?  (Read 990 times)

0 Members and 1 Guest are viewing this topic.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Stolen fund alert system?
« on: July 07, 2014, 02:00:59 PM »

Ok, I'm well aware that this idea would be controversial.  I'm basically just throwing it out there.  I don't claim it's fully fleshed out or that we must do something like this, but I want to get people thinking and see any feedback.

Basically if you control a wallet, any transaction out of that wallet within the last 24hrs you can mark as a fraudulent transaction.  Everyone can distinguish funds that have been marked as fraudulent and most likely not accept them.  To make sure you are not doing business with someone trying to give you stolen funds for any large transaction you can demand that you only accept funds coming from an address that has held those funds at least 24hrs… these are "seasoned funds".  Exchanges can also demand that only funds that have been held in the sending address 24hrs prior to sending to the exchange are immediately available, otherwise they are quarantined 24hrs.

You could have a blockchain explorer app on your phone that alerts you anytime funds move out of any of your designated addresses.

Marking funds as stolen won't get you the funds back but will make it much more difficult for a thief to get a payday; so I would imagine there is little reason to do it unless it was a legitimate theft.  Anyone who is in control of funds that have been marked stolen can come forward to give an explanation and appeal to the community to have the designation removed.   There would be a process whereby the community can vote to remove the designation, otherwise after one year the stolen funds are burned as dividends (you could do without the auto burn while people get used to idea).  There's not necessarily a high burden of proof to have the designation removed but it forces someone to come forward and the party who marked them stolen has a chance to respond.

You could also have some kind of consensus community fund tagging.  For instance if Somali pirates or other demand BTSX for a ransom the community could vote to attach an alert to those funds even after 24hrs has expired but hopefully before there is a good chance for the criminal to liquidate.

Offline bytemaster

Re: Stolen fund alert system?
« Reply #1 on: July 07, 2014, 02:49:49 PM »
I imagine it could be a property of a balance that says transfers from this account are subject to self-destruction for 24 hours.  It would discourage thieves, but as a thief once you have the private key you might as well attempt it because you have already done the work to get the key in the first place.


For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline gamey

  • Hero Member
  • *****
  • Posts: 2253
    • View Profile
Re: Stolen fund alert system?
« Reply #2 on: July 07, 2014, 04:59:07 PM »

The problem I see is that once someone has acquired the private key, can't they do the same thing in reverse to the legitimate owner ? 
I speak for myself and only myself.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Re: Stolen fund alert system?
« Reply #3 on: July 07, 2014, 05:20:54 PM »
The problem I see is that once someone has acquired the private key, can't they do the same thing in reverse to the legitimate owner ?
I'm not following what you mean by "do the same thing in reverse to the legitimate owner"

-The thief xfers money out of your wallet
-Your wallet is now compromised and also empty
-You irreversibly mark the transaction as fraudulent
-You no longer use this wallet

What does the thief do?

Offline gamey

  • Hero Member
  • *****
  • Posts: 2253
    • View Profile
Re: Stolen fund alert system?
« Reply #4 on: July 07, 2014, 05:43:31 PM »
The problem I see is that once someone has acquired the private key, can't they do the same thing in reverse to the legitimate owner ?
I'm not following what you mean by "do the same thing in reverse to the legitimate owner"

-The thief xfers money out of your wallet
-Your wallet is now compromised and also empty
-You irreversibly mark the transaction as fraudulent
-You no longer use this wallet

What does the thief do?

Ok, as long as the funds are not recoverable to the original owner.   So you remove a lot of the incentive for theft.

The system could still be abused.  If I wanted to cause your business a loss, I do our transaction then mark the transfer as stolen.  What does the receiver do to protect themselves once this is introduced ?

I'd love to see something like this in general, I just do not know if there is an adequate system.  It could be used to attack exchanges who support this feature and thus force them to withdraw support for the currency. 
I speak for myself and only myself.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Re: Stolen fund alert system?
« Reply #5 on: July 07, 2014, 05:50:52 PM »
Ok, as long as the funds are not recoverable to the original owner.   So you remove a lot of the incentive for theft.

The system could still be abused.  If I wanted to cause your business a loss, I do our transaction then mark the transfer as stolen.  What does the receiver do to protect themselves once this is introduced ?

I'd love to see something like this in general, I just do not know if there is an adequate system.  It could be used to attack exchanges who support this feature and thus force them to withdraw support for the currency.
If you transact with a business and then mark the money that you sent them as stolen, first off they know who you are and that you tried to rob them of money for no reason even though you didn't gain anything.  So they could probably take appropriate action against you.  And again you didn't gain anything from doing this.  You could also walk into their business and just break something and probably accomplish about as much.  For a very big transaction where they don't trust you they have the option to wait 24hrs.  Even still as long as they come forward to the community and say they did not take the funds and are willing to identify themselves they will almost certainly get the alert tag removed by community.

Offline toast

Re: Stolen fund alert system?
« Reply #6 on: July 07, 2014, 05:59:27 PM »
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline gamey

  • Hero Member
  • *****
  • Posts: 2253
    • View Profile
Re: Stolen fund alert system?
« Reply #7 on: July 07, 2014, 05:59:50 PM »
In crypto world businesses do not know people they transact with.  I'm quite sure that most cryptocurrency people prefer to keep it this way.  Your system would like help a lot of situations, but it would also introduce distrust into relationships.  It is hard to say "do it this way for small transactions" when the % fees taken by exchanges are so small to begin with.  Part of the reason the %s are so small is due to the irreversiblity.

Toast - I like that approach.  2 types of accounts.  Exchanges don't have to deal with the savings accounts.  This allows both parties to agree to the rules beforehand. 

What happens when you go from savings -> regular account -> regular account.  How do you know the transaction is reversible ?
« Last Edit: July 07, 2014, 06:02:44 PM by gamey »
I speak for myself and only myself.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Re: Stolen fund alert system?
« Reply #8 on: July 07, 2014, 06:06:35 PM »
Is this relevant?
http://wiki.mastercoin.org/index.php/Saving_address
Yes, it seems to be an attempt to address similar problems.  I would have to try to understand it better to have an opinion.
I like the idea of savings addresses vs. "checking" addresses.  I'm not sure if blends into other type of account rules... I still think we need to enable you to set up a future auto-send to a different address if there is no activity for some period to leave funds to relatives when you die.

Offline Troglodactyl

  • Hero Member
  • *****
  • Posts: 941
    • View Profile
Re: Stolen fund alert system?
« Reply #9 on: July 07, 2014, 11:00:23 PM »
It seems like if the transaction is reversible until a certain point, you might as well just wait until that point and then send it irreversibly.  Reversible transactions just seem to invite fraud.  An escrow system that allows destruction in the case of failure to agree makes more sense to me.

The difficulty with this concept is that once a key is compromised (barring pre-established multisig), the attacker is on even footing with the victim, and there's no way to tell them apart.  The attacker can just take half, and if you report his half as stolen, he'll report your half as stolen.

It would be interesting to have a class of account that could only send to multisig accounts requiring confirmation from a designated guardian address.  That way no one who compromised the key could get the funds, but sending still makes an irreversible commitment.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Re: Stolen fund alert system?
« Reply #10 on: July 07, 2014, 11:28:32 PM »
I think security concerns and horror stories are a huge reason for lack of adoption.  We should put together a BitShares common sense security best practices guide.  Will BTSX wallets allow for watching only wallets and offline transaction signing?

Offline Troglodactyl

  • Hero Member
  • *****
  • Posts: 941
    • View Profile
Re: Stolen fund alert system?
« Reply #11 on: July 08, 2014, 12:47:34 AM »
I think security concerns and horror stories are a huge reason for lack of adoption.  We should put together a BitShares common sense security best practices guide.  Will BTSX wallets allow for watching only wallets and offline transaction signing?

 +5%

Making offline transaction signing and multisig accessible to newcomers I think should be an early priority once the basics are done.  I don't remember enough detail to be sure if TITAN would cause problems for watch only wallets with no private key access.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Re: Stolen fund alert system?
« Reply #12 on: July 10, 2014, 03:39:17 PM »
Maybe not such a crazy idea...
Someone in NXT community "klee" just lost over $1,000,000 having their NXT stolen.  There have been a few big recent horror stories in that community with scams etc. https://nxtforum.org/general-discussion/price-speculation/5440/

We have a duty to do whatever we can to protect our shareholders and not make the BitShares story riddled with heartbreak and loss.  Not everyone that we reach will be super knowledgeable and security conscious.  I think we are pretty far ahead of any competition and there is a risk in pushing things out too fast.  We don't really need to release a buggy or dangerous code just to rush it.

I would probably support upgrading PTS to DPOS before releasing BTSX.  It could give us a feel for DPOS without worrying about complicated hard forks and potential issues upgrading to Polymorphic BitAssets.

Maybe with DACs that have the ability of self-governance we could do more if disasters strike.

Offline gamey

  • Hero Member
  • *****
  • Posts: 2253
    • View Profile
Re: Stolen fund alert system?
« Reply #13 on: July 10, 2014, 06:14:06 PM »

I think everyone in the crypto world except hacker-thieves wants better protection of wallets.   I'm just not sure if there is a really good system.  I did see this from the thread referenced above.  https://nxtforum.org/cryptopapers/(feature)-local-two-factor-authentication-for-cryptopapers-and-any-client-app/ 

It is very difficult to have 2 factor authentication because it always relies on a central point.  Whatever out of band method to authenticate the 2nd factor requires some degree of trust in a centralized entity.  This disturbs me, but I suspect it is better than the alternative.  The beauty of the system above is it apparently forces you to print out your private key.  So worst case you can start over with wallet access via the printed paper.  The key is to force people to do it, so that the 2nd authentication mechanism can never be used as a way to permanently revoke access. 

In the NXT example the guy had his passwords in an unencrypted file on dropbox. 
I speak for myself and only myself.

merockstar

  • Guest
Re: Stolen fund alert system?
« Reply #14 on: July 10, 2014, 07:28:48 PM »
No sir, I don't like it.

Too much he said she said involved. We'd have to set up a BitShares justice system.

Hey maybe that could somehow be a DAC?

I think security concerns and horror stories are a huge reason for lack of adoption.  We should put together a BitShares common sense security best practices guide.  Will BTSX wallets allow for watching only wallets and offline transaction signing?

I do like this. Maybe I'll adopt this as my next writing project.

 

Google+