Author Topic: Sent money to "bter" or other scam accounts? Here's how to prove what you sent.  (Read 3190 times)

0 Members and 1 Guest are viewing this topic.

Offline milkmeat

  • Full Member
  • ***
  • Posts: 84
    • View Profile
  • BitShares: milkmeat
BM, thank you for sharing the progress, it is a very important feature.

I just think of another option which is to support "verified account". Oppose to anonymous account, the user can optionally provide his name/address/ID and publish to the block chain. He can also invite one or more 3rd party "notary people" to endorse for the information he provided. Notary can review the photocopy/original copy, or even visit his address in person to make sure those information are real. We can apply the reputation system to both the notary and the user. So when people are doing transactions, they have confidence that they are dealing with a trustworthy party.

Is this also kind of on your road map?

Offline bytemaster

Is there a technical solution to such scam from happening again?

As Bill Gates mentioned when asking why bitcoin is not good enough ( https://www.cryptocoinsnews.com/bill-gates-bitcoin-bitcoin-alone-not-good-enough/ )

“There’s a lot that Bitcoin or variants can do to make moving money between countries easier and getting fees down pretty dramatically. But Bitcoin won’t be the dominant system. When you talk about a domestic economy, [you must have] the idea of attributed transactions, where if you sent it to the wrong person you could actually get the transaction reversed. [And a traditional system] doesn’t have this huge fluctuation where the value of your account is going up and down by a factor of two. We need things that draw on the revolution of Bitcoin, but Bitcoin alone is not good enough.”

BitAsset fixed the problem that the fluctuation is changing too much. And we need to address the case when user really want to reverse a transaction. I can think of two solutions suppose you are transfering a large amount to others:

1. use multi-sig to protect the transfer. The exchange can hire an auditing people to review and approve any transfers. It's difficult for a person to make both destination address and auditing address wrong.

2. allow the transaction to be in "holding" state until  certain blocks later. Such as bitcoin can do. The sender can withdraw the transaction during this period. But this doesn't seem to be helpful for careless people.

toast, what are the thoughts from the developer team?

If all transfers are "escrow" transfers then you can send the funds, "verify receipt", then release the funds.   

...can BTS do that? Is it in the pipeline?

Sounds like a good solution to me.

Already implemented and scheduled for next DevShares release.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline nomoreheroes7

  • Hero Member
  • *****
  • Posts: 756
  • King of all the land
    • View Profile
  • BitShares: nomoreheroes7
Is there a technical solution to such scam from happening again?

As Bill Gates mentioned when asking why bitcoin is not good enough ( https://www.cryptocoinsnews.com/bill-gates-bitcoin-bitcoin-alone-not-good-enough/ )

“There’s a lot that Bitcoin or variants can do to make moving money between countries easier and getting fees down pretty dramatically. But Bitcoin won’t be the dominant system. When you talk about a domestic economy, [you must have] the idea of attributed transactions, where if you sent it to the wrong person you could actually get the transaction reversed. [And a traditional system] doesn’t have this huge fluctuation where the value of your account is going up and down by a factor of two. We need things that draw on the revolution of Bitcoin, but Bitcoin alone is not good enough.”

BitAsset fixed the problem that the fluctuation is changing too much. And we need to address the case when user really want to reverse a transaction. I can think of two solutions suppose you are transfering a large amount to others:

1. use multi-sig to protect the transfer. The exchange can hire an auditing people to review and approve any transfers. It's difficult for a person to make both destination address and auditing address wrong.

2. allow the transaction to be in "holding" state until  certain blocks later. Such as bitcoin can do. The sender can withdraw the transaction during this period. But this doesn't seem to be helpful for careless people.

toast, what are the thoughts from the developer team?

If all transfers are "escrow" transfers then you can send the funds, "verify receipt", then release the funds.   

...can BTS do that? Is it in the pipeline?

Sounds like a good solution to me.

Offline bytemaster

Is there a technical solution to such scam from happening again?

As Bill Gates mentioned when asking why bitcoin is not good enough ( https://www.cryptocoinsnews.com/bill-gates-bitcoin-bitcoin-alone-not-good-enough/ )

“There’s a lot that Bitcoin or variants can do to make moving money between countries easier and getting fees down pretty dramatically. But Bitcoin won’t be the dominant system. When you talk about a domestic economy, [you must have] the idea of attributed transactions, where if you sent it to the wrong person you could actually get the transaction reversed. [And a traditional system] doesn’t have this huge fluctuation where the value of your account is going up and down by a factor of two. We need things that draw on the revolution of Bitcoin, but Bitcoin alone is not good enough.”

BitAsset fixed the problem that the fluctuation is changing too much. And we need to address the case when user really want to reverse a transaction. I can think of two solutions suppose you are transfering a large amount to others:

1. use multi-sig to protect the transfer. The exchange can hire an auditing people to review and approve any transfers. It's difficult for a person to make both destination address and auditing address wrong.

2. allow the transaction to be in "holding" state until  certain blocks later. Such as bitcoin can do. The sender can withdraw the transaction during this period. But this doesn't seem to be helpful for careless people.

toast, what are the thoughts from the developer team?

If all transfers are "escrow" transfers then you can send the funds, "verify receipt", then release the funds.   
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline milkmeat

  • Full Member
  • ***
  • Posts: 84
    • View Profile
  • BitShares: milkmeat
Is there a technical solution to such scam from happening again?

As Bill Gates mentioned when asking why bitcoin is not good enough ( https://www.cryptocoinsnews.com/bill-gates-bitcoin-bitcoin-alone-not-good-enough/ )

“There’s a lot that Bitcoin or variants can do to make moving money between countries easier and getting fees down pretty dramatically. But Bitcoin won’t be the dominant system. When you talk about a domestic economy, [you must have] the idea of attributed transactions, where if you sent it to the wrong person you could actually get the transaction reversed. [And a traditional system] doesn’t have this huge fluctuation where the value of your account is going up and down by a factor of two. We need things that draw on the revolution of Bitcoin, but Bitcoin alone is not good enough.”

BitAsset fixed the problem that the fluctuation is changing too much. And we need to address the case when user really want to reverse a transaction. I can think of two solutions suppose you are transfering a large amount to others:

1. use multi-sig to protect the transfer. The exchange can hire an auditing people to review and approve any transfers. It's difficult for a person to make both destination address and auditing address wrong.

2. allow the transaction to be in "holding" state until  certain blocks later. Such as bitcoin can do. The sender can withdraw the transaction during this period. But this doesn't seem to be helpful for careless people.

toast, what are the thoughts from the developer team?

Offline ripplexiaoshan

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 2300
    • View Profile
  • BitShares: jademont
We already know the suspect's name, home address, etc.. If the victim needs, he can report to the police.
BTS committee member:jademont

Offline CLains

  • Hero Member
  • *****
  • Posts: 2606
    • View Profile
  • BitShares: clains
Brilliant. This should set precedent for any potential scammers.  +5%

Offline btswildpig

  • Hero Member
  • *****
  • Posts: 1424
    • View Profile
这个是私人账号,表达的一切言论均不代表任何团队和任何人。This is my personal account , anything I said with this account will be my opinion alone and has nothing to do with any group.

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
I'm curious, since we apparently know the scammer's identity...will this help in any way to recover lost funds? Have you reached out to him directly and is he willing to fix things? Or is this more of a way to find a list of ripped-off people to create charity funds for or something?

The chinese community is handling this. I have no idea what will happen. We know his IRL identity though.
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline nomoreheroes7

  • Hero Member
  • *****
  • Posts: 756
  • King of all the land
    • View Profile
  • BitShares: nomoreheroes7
I'm curious, since we apparently know the scammer's identity...will this help in any way to recover lost funds? Have you reached out to him directly and is he willing to fix things? Or is this more of a way to find a list of ripped-off people to create charity funds for or something?

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
I would recommend sending these directly to Toast, just in case you accidentally dump sensitive information (actual funded private keys). Thoughts on this, Toast?

That's a good idea
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline fluxer555

  • Hero Member
  • *****
  • Posts: 749
    • View Profile
I would recommend sending these directly to Toast through PM, just in case you accidentally dump sensitive information (actual funded private keys). Thoughts on this, Toast?
« Last Edit: January 22, 2015, 05:37:17 pm by fluxer555 »

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
Now that the owner of "bter" has been identified, let's find everyone who has been ripped off in the past. I'll make an Official List, and I won't be adding transactions made after today to it, so don't complicate things.

You can prove that you sent to a particular account by revealing the one-time private key for that TITAN transfer.

1)  Find the transaction id (for example, 552457fa)
2)  Enable raw console output:   "enable_raw"
3)  Dump the transaction:  "get_transaction 552457fa"
4)  Find the one-time public key:   

Code: [Select]
{
...
{
        "type": "deposit_op_type",
        "data": {
          "amount": 1000000,
          "condition": {
            "asset_id": 0,
            "slate_id": 4108812535180075062,
            "type": "withdraw_signature_type",
            "data": {
              "owner": "BTSdp9DtsF9tn2R6HyKz3d7FApFS8Lw3ag3",
              "memo": {
                "one_time_key": "BTS7SzpNGjVsQM6z6uHB5N8mDYnryW1G8HhK8g98Kap7mzi22WCN1",     <<<<<<--------- THIS ONE
                "encrypted_memo_data": "b1db28b96a5db7446d19269bc0cd6a974f92cd1fdcb86fe7b7a2a074de7700dbe3d244c585e263b054c54ecf9545d0e6ea3a6f8d538e88731c10eff7d78f0a67"
              }
            }
          }
        }
      }....
}

5) Dump the one-time private key:  "wallet_dump_private_key BTS7SzpNGjVsQM6z6uHB5N8mDYnryW1G8HhK8g98Kap7mzi22WCN1"

I get:   5JjoTS2uqSrn3Exud36dYQQ45a5z3GYC6GnAwP7FTxLUX6Apxuo

You should send this to me in a PM so that I can check that you didn't do anything terribly wrong and reveal info you shouldn't have. Everything that goes on the Official List will eventually be public.

This key comes from a private child derivation which means it will NOT reveal any other private information from your wallet.
This will let us check that you made this transfer by combining the account key for "bter" with the one-time key to decrypt your memo. I'm preparing the tool to do this now.
« Last Edit: January 22, 2015, 05:36:55 pm by toast »
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.