> the bandit's account held 38,000 ether, worth more than $54 million at the time. In the year since then, Ethereum's value has plummeted, reducing the value of the blockchain bandit's haul by about 85 percent.
> "Don't you feel bad for him?" Bednarek asks with a laugh. "You have a thief here that amassed this fortune and then lost it all when the market crashed."
Small amounts are somewhat easy to exchange, if you want to exchange millions it gets much, much more difficult since you have to explain the source of funds to the exchanges and banks involved. If you have hacked them they will use blockchain analysis etc.
If you have to explain where it's from it may be more suspicious if it looks like you took steps to hide the origin, calling for even more detailed proofs.
If you're in the US getting dollars wouldn't be hard.
Laundering it appropriately that wouldn't raise questions might be a bigger issue. By no means impossible but a challenge that all by itself could get you in trouble.
It'd probably be easier to just withdraw a small monthly amount (<500$) to pay for bills and such. It'd be a good way to pay for non-essential things, maybe even rent.
If you're small-scale then this works. I imagine big wallets are being tracked by governments, you probably don't want to create a log that can be traced to you.
Ultimately, big-scale heists will always need money laundering.
That statement doesn’t make sense. The dynamics of open markets with open trade data that make spoofing difficult (e.g. the stock exchanges) are very different than a rigged market.
So not the same reason for boom/bust cycles at all.
> The dynamics of open markets with open trade data
Well the mortgage data was available, but no one looked into it until they did, and even then the smart money bet against the market...yet everything remained AAA rated for years despite the known toxicity, turns out the ratings were rigged also.
It’s pump and dump schemes all the way down, public markets/crypto markets it makes no difference. There isn’t an economist alive who doesn’t say the stock market is significantly overvalued at this time and yet...historic highs remain, until they don’t.
As someone who started a 401k fresh out of college in 1988, this fear will be in the back of my mind until I convert my entire portfolio into bonds. Probably in a few more years it'll begin.
The price is easily manipulated due to the low liquidity of the BTC market. The blockchain itself is irrelevant when discussing trading/price manipulation.
S&P 500 E-mini futures have a notional value of roughly $147,000 right now, and on average, 1-2 million contracts change hands daily.
On average, about 35 billion dollars of SPY, a single S&P 500 ETF is traded daily.
It's hard to find accurate BTC average daily volume numbers, but probably somewhere between 1 and 10 billion dollars daily.
So yes, bitcoin is an extremely thin market compared to the market depth of 2 extremely liquid assets, both of which pale in comparison to the 550 billion USD daily volume of the treasuries market.
BTC does have the tightest bid/ask spread of pretty much any asset that is traded, as a percentage of the asset's value. It's typically a penny to a few cents on the major exchanges, which is a few thousandths of a percent.
Blockchain is absolutely riggable, that’s what a famed “51% attack” is, but that’s not what we’re talking about.
Very little blockchain activity happens “on chain”, and absolutely none of the buying/selling to and from other currencies (including USD) does, because that's not possible. Instead most activity happens on exchanges, which hold onto coins for the user and track account balance in a SQL database just like a traditional exchange. Only if a user moves between exchanges or takes possession of their own coins (a rare occurrence) does an on chain transaction happen, otherwise the rest happens in a SQL database somewhere.
These exchanges are absolutely full of straight up fraud, with some analysts claiming up to 95% faked trade volume. Most exchanges trade on their own account, sometimes badly, and the seediest didn’t even require that you create 2 accounts to wash trade. In this case the on chain transactions aren’t rigged, but the price sure is.
Note: these are the exchanges that also famously get robbed (or “robbed”) and go bankrupt with their clients' money. Examples famously include QuadrigaCX, Mt. Gox, and others.
> Blockchain is absolutely riggable, that’s what a famed “51% attack”
that sounds a bit FUD-dy. 51% allows you to make a double-spend, not "absolutely rig" the blockchain. even with 100% hashrate you won't be able to spend bitcoins without having a private key.
If another user broke the guidelines (such as by accusing you of shilling) and we missed it, you're welcome to let us know by emailing hn@ycombinator.com. Or by simply flagging the comment, which usually brings it to a moderator's attention.
I have no idea how what I said was nasty or personal, unless if describing past experiences and personal wishes are against the rules. I’ve reported plenty of things they’ve said to me, I believe some of them got modded away, and I’m expressing an interest to not engage with them again over the same things. How is that personally nasty?
Let me try to explain. The main thing is: if you're combining personal language with pejoratives, your internet comment is likely to come across as a personal attack, unless you find a way to explicitly show that you don't mean it that way. That is not always so easy, so it's safer just not to combine personal language with pejoratives in the first place. By pejoratives I mean words like "negative", "bait people", etc., but also grammatical constructs like "I'm not going to X with you just so you can Y" and "If you want to X, find someone else", which carry a reproachful charge.
In the case of that particular comment, your use of hyperbole intensified the effect. "I’ve had enough negative experiences with you for one life" is the sort of thing said by lovers who are about to become exes. Ditto for "I’m not going to chat with you just for you to call me an X again", and so on. This language is way, way too intense for an internet forum disagreement. If you go there, then on a meta level you're communicating something much more personal than the format calls for. Even if the other user did treat you unfairly in the past, you end up positioning yourself as the one who is most out of line, and your comment is likely to strike most readers the way it struck me.
It seems that we have wildly different definitions of what pejorative means. I am describing my experiences, their actions, and my wishes. I’m not labeling them as a person or describing them in intrinsic ways. If saying “you did X to me” or “I don’t want Y” is pejorative I’m not really sure what to tell you.
If I’d said “you’re an X person” or “you’re Y”, I would understand. But I didn’t do that.
I would also like to point out that my complaint about them interpreting my words in bad faith, a pejorative according to you, was exactly what they were doing in that comment, as they literally made up a weak argument on my behalf and then shot it down. (I also must complain about the FUD bit, which I’d argue is similar to calling me a shill).
Next time I’ll just flag and move on I guess, but I genuinely do not understand what you’re on about here.
rigged market is one argument. another is that price discovery is still in process, it's still a relatively new commodity, there's as much reason for it to go up as there is to go down. bull run of 2017 was no different from one in 2013 and 2010 before that - there's no strong argument to say 2017 was the last one.
Blockchains have a 3-way mechanism of value, security and adoption, which are also strongly tied to network effects. The value somewhat follows the square of the number of users. That's why the strongest will get stronger, in value, security and adoption.
Obviously the market value is based on speculation which tries to predict the future development, and is also strongly affected by the current mood of the markets. That's why there has been a constant increase in value and in addition cyclical 'bubbles'. Currently it seems that the market is starting another 'bubble cycle'.
There aren't enough users and security for all blockchains to be valuable.
> Despite tracking those transfers, Bednarek has no real idea of who the blockchain bandit might be. "I wouldn’t be surprised if it’s a state actor, like North Korea, but that's all just speculation,"
Given how "easy" the attack actually is, I see no reason to suspect a state actor. This is a genuine question: why don't people start by suspecting some kind of criminal organizations like the mafia instead?
Or more generally, why do so many people attribute particular competence to, uh, state actors?
While he was at the NSA, Edward Snowden complained that it stores more information on Americans than on Russians. He complained that that's illegal, but there's another remarkable facet to it: How good is the NSA at collecting information from Russia, then? I can hardly believe that the NSA tries to collect more data on Americans than on its actual mission, so how good is the NSA at its mission?
There are many other examples, like the German service that's supposed to monitor the nazis and missed a group that made and sold a DVD about its killings.
It seems so strange to assume higher-than-average competence in organisations like that.
In general, it makes sense to assume that stuff which irrespective of competence would require large amounts of resources, access to intercepts or the ability to flagrantly breach local laws without anyone stepping in might have state involvement, especially if there's an obvious motive for the state to target that person/organization.
Not convinced that guessing private keys of anonymous randoms for a few million in assets of limited fungibility falls into that category. I'm not sure it's a question of competence in this case so much as why would a state be the ones tackling these accounts, when a lone criminal with relevant knowledge of cryptography would have the ability and a lot more motivation to do it?
Why would a criminal leave the coins to sit in the final wallet undisturbed? The article said the wallet only had incoming transactions and never sent any coins anywhere. Surely if you're a criminal organization stealing cryptocurrency you'd want to actually use it.
It's not necessarily the only wallet a criminal has access to, and most people don't draw on their savings account all the time. Can't fathom why a government would want to write algorithms that quietly steal tokens from thousands of random individuals unfortunate enough to have particularly crackable private keys and send them to a particular dormant account either. It's not like there's a lack of other crypto-heist stories out there.
A government has a much more plausible reason to be willing to siphon off and stockpile large amounts of cryptocurrency without using it, just in case they ever do need to have a bunch of coins on hand for something.
The NSA is probably better at domestic surveillance because it's much easier and/or cheaper than foreign surveillance. If people of the same ability level work on both, the domestic results will be better. That doesn't mean the NSA is incompetent.
Collecting data, and further, processing that collected data, is fundamentally different than executing a difficult, targeted attack.
State level actors have massive amounts of resources, which makes them uniquely situated to perform difficult tasks like cracking encryption keys or developing insanely complex exploits.
So - the particular competence people give state actors generally has to do with that level of resources, while the same state actors are accurately attributed the incompetence that comes with large bureaucracies.
Why not a 15 year old script kiddie? All you need to coordinate this attack is some anonymous server power that cannot be linked to you, and it's not something that's very hard to come by.
Depends on how weak the keys are. They say some were trivial, but it's possible others still had enough entropy to require a lot of brute forcing. Most 15-year-olds don't have a lot of capital to deploy.
Yeah.... if the first ones were trivial and acted as a proof of concept, that would generate enough money for them to invest in better servers with more distance from the actual person running it.
> why don't people start by suspecting some kind of criminal organizations like the mafia instead?
Same logic as you've just used: it's so easy you don't need to be the mob. What would their edge be anyway? All you need is enough money to rent some cloud servers.
Because they haven't cashed out? If you don't cash out, then the point is something other than just getting the money. The amount seems excessive for someone that is just a researcher, so a state actor that is trying to destabilise the whole system makes a bit of sense.
At one point a couple of years ago, for testing purposes, I created a brain wallet (that is, a short phrase that when hashed would yield a key pair) in Bitcoin testnet so that a group of people could each have access to them for testing purposes. It was just a simple substitution -- a common enough word with 3's and !'s mixed in. For testnet coins, which are worthless, it seemed harmless enough.
It was "stolen" literally minutes after first depositing the coins at the address; we assumed by someone running a monitoring daemon looking for a large rainbow table of bitcoin addresses, and testing out their efforts on the testnet. I wonder how many bitcoins they managed to extract once they put their system into production.
It's possible. We did a cursory look for the destination address to see what was happening. If I were a whitehat looking to educate people I would publish the destination address with a message saying what had happened, and probably send the coins back to one of the testnet faucets. As it was it looked like our coins went to a single-use address and sat there, which seems like more of a black-hat strategy.
I don't remember the address we used, though. Here's [1] a similar one, for "correct horse battery staple" -- the funds were moved (in the same block) from the address to a single-use address where they sat.
> I would publish the destination address with a message saying what had happened
Bitcoin does not support embedding messages in addresses (and embedding messages in transactions is controversial as it will be stored in blockchain forever, so many block explorers do not render such messages to discourage it).
It was testnet, though, so worthless, and easily obtained (in small amounts) from a testnet faucet (like [1], [2], or [3]). We considered continuing to share, but in the end it was just easier for individual developers to obtain their own and use them for testing rather than managing a central pool.
To clarify the title: they’re guessing insecure private keys, not keys generated by normal (and not buggy) wallet software.
This isn’t surprising. “Brain wallets” have been discouraged for a long time now. Unless you really know what you’re doing it’s easy to accidentally pick an insecure phrase. Even a paragraph of text from, say, an obscure book will probably eventually be found, if that book ever ends up digitized on the Internet.
The safest way is to generate a truly random key, then map that to a wordlist like BIP39 does.
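As an added illustration (not code from the thread or from any wallet project), here is one way a wallet could refuse the weak key patterns the comments describe, namely small integers, SHA-256 of a guessable phrase, and simple character substitutions, while drawing keys from the operating system's CSPRNG. The phrase list, the thresholds and all function names are assumptions made for this sketch.

```python
import hashlib
import secrets

# Order of the secp256k1 group (public curve constant); valid keys are 1..N-1.
SECP256K1_N = int("FFFFFFFF" * 3 + "FFFFFFFE"
                  + "BAAEDCE6AF48A03B" + "BFD25E8CD0364141", 16)

# Constructed sample list; a real audit would load a large dictionary.
SAMPLE_PHRASES = ["password", "bitcoin", "Satoshi Nakamoto",
                  "correct horse battery staple"]


def phrase_variants(phrase):
    """The phrase as given, lowercased, and with simple character swaps."""
    lower = phrase.lower()
    swapped = lower.translate(str.maketrans("eiao", "3!40"))
    return {phrase, lower, swapped}


def guessable_digests(phrases):
    """SHA-256 of every variant: the 'brain wallet' keys to refuse."""
    return {hashlib.sha256(v.encode("utf-8")).digest()
            for p in phrases for v in phrase_variants(p)}


def audit_key(key, phrases=SAMPLE_PHRASES, min_bits=128):
    """Return a list of findings for a 32-byte key; empty means none found."""
    if len(key) != 32:
        return ["bad-length"]
    findings = []
    k = int.from_bytes(key, "big")
    if not 1 <= k < SECP256K1_N:
        findings.append("out-of-range")
    # A uniformly random key has fewer than min_bits significant bits
    # with probability about 2**(min_bits - 256), i.e. never in practice.
    if k.bit_length() < min_bits:
        findings.append("small-integer")
    # Padding or repeated-byte keys (e.g. 0x0101...01) use very few byte values.
    if len(set(key)) <= 4:
        findings.append("low-byte-diversity")
    if key in guessable_digests(phrases):
        findings.append("hashed-phrase")
    return findings


def generate_key():
    """Draw 32 bytes from the OS CSPRNG, retrying on any finding."""
    while True:
        key = secrets.token_bytes(32)
        if not audit_key(key):
            return key


if __name__ == "__main__":
    samples = {
        "integer 1": (1).to_bytes(32, "big"),
        "integer 999999": (999999).to_bytes(32, "big"),
        "sha256('Satoshi Nakamoto')":
            hashlib.sha256(b"Satoshi Nakamoto").digest(),
        "sha256('b!tc0!n')": hashlib.sha256(b"b!tc0!n").digest(),
        "CSPRNG key": generate_key(),
    }
    for label, key in samples.items():
        print(f"{label:28} {audit_key(key) or 'no findings'}")
```

An empty result only means none of these specific patterns matched; it says nothing about how the key was generated, which is what actually determines its strength.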
Can anyone read the article on mobile? Half the page is covered by a stupid overlay telling me I got two articles left to read. If only I can read the first one!
Yes, by using something like uBlock Origin's advanced mode, you can disable js selectively (per site), even on mobile. It makes a huge difference on the data usage, which is important when your mobile data is limited.
If you're on iOS, try a little blocker app called Unobstruct - it has a share sheet extension that strips off all obstructing overlays (social media sharing stuff, dickbars, etc) when activated. Very effective, and on demand.
People used to do this to bitcoin addresses all the time back in 2013, the same servers are probably still running
I always thought about all the opportunities to do it on other blockchains, but the challenge of picking which blockchain would be so taxing
Now that this season there are several high-value ones like Ethereum you can easily choose
The concepts are the same for all of the chains
Also lol at state actor. Guessing a private key of “1”? Come on. People were doing this with entire phrases from obscure songs and poems 6 years ago. No brainwallet is safe. Deflecting is a great way to get away with hacking
It's much easier! Just call ethereum's `crypto.ToECDSA` [1] with a big-endian encoded 256-bit unsigned integer of interest, e.g. 0x1 or 0x100, as described in the article. Try the resulting private key.
There are many addresses created from integers under 1000000. This is nothing special. There are also many addresses created from basic words converted to sha256 and then used as the primary key hex. E.g., ‘Satoshi Nakamoto’.
Any idea why the keygen failed so badly? Debian's openssl patches generated predictable private keys for a while but they wouldn't be a single digit. It's Wired so I don't expect technical details but some info would be nice.
Yeah but I'd like to know how the unintentional mistake was made. Eg
- Debian OpenSSL was a Debian dev trying to prevent use of uninitialised memory (because Valgrind complained), without realising that uninitialised memory is used for randomness.
- Years ago a bunch of PHP stuff (I forget what) was seeded with the string value of a randomness function, rather than its output.
> without realising that uninitialised memory is used for randomness
It was more subtle than that: there were two identical calls, one of which added uninitialized memory, while the other added real entropy. The developer mistakenly removed both, thinking both were equally useless, instead of only removing the one with undefined behavior. To make things worse, another call added the current PID, so the results weren't identical every time. See more detail at https://research.swtch.com/openssl
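To illustrate the comment above, this added toy model (not OpenSSL's RNG and not code from the thread) shows why keys whose only varying input is the process ID collapse into a small set that a defender can enumerate once and use as a blocklist. The hash-based `model_keygen`, the PID range of 1 to 32767 and the simulated fleet are assumptions of the sketch.

```python
import hashlib
import os
import random

# Assumption: PIDs fall in 1..32767 (the common Linux default pid_max is 32768).
PID_MAX = 32768


def model_keygen(pid, entropy=b""):
    """Toy stand-in for key generation: key = SHA-256(entropy || pid).

    With entropy == b"" the PID is the only input that varies, which models
    the state after both entropy-adding calls were removed.
    """
    return hashlib.sha256(entropy + pid.to_bytes(4, "big")).digest()


def build_blocklist():
    """Every key the broken generator can ever emit, one per possible PID."""
    return {model_keygen(pid) for pid in range(1, PID_MAX)}


def is_predictable(key, blocklist):
    """Defender's check: does this key belong to the enumerable set?"""
    return key in blocklist


def simulate_fleet(n_hosts, patched, rng):
    """Generate one key per simulated host.

    rng picks each host's PID; a patched host also mixes in 32 bytes from
    the OS CSPRNG, standing in for the entropy call that should have stayed.
    """
    keys = []
    for _ in range(n_hosts):
        pid = rng.randrange(1, PID_MAX)
        entropy = os.urandom(32) if patched else b""
        keys.append(model_keygen(pid, entropy))
    return keys


def summarize(keys, blocklist):
    """Return (distinct keys, keys found on the blocklist)."""
    flagged = sum(1 for k in keys if is_predictable(k, blocklist))
    return len(set(keys)), flagged


if __name__ == "__main__":
    blocklist = build_blocklist()
    rng = random.Random(2019)  # fixed seed so the demo is repeatable
    for patched in (False, True):
        keys = simulate_fleet(50_000, patched, rng)
        distinct, flagged = summarize(keys, blocklist)
        label = "patched" if patched else "broken "
        print(f"{label}: {len(keys)} hosts, {distinct} distinct keys, "
              f"{flagged} on blocklist")
```

In the model, 50,000 broken hosts can never hold more than 32,767 distinct keys, so many of them share a key with another host, and every one of those keys is caught by a lookup in the precomputed set.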
This part was interesting: "Bednarek then tried putting a dollar into a new, previously unused weak key address. It, too, was emptied in seconds, this time transferred into an account that held just a few thousand dollars worth of ether. But Bednarek could see in the pending transactions on the Ethereum blockchain that the more successful ether bandit had attempted to grab it as well. Someone had beaten him to it by mere milliseconds." [emphasis mine]
It seems like there is an arms race of Blockchain Bandits leading to HFC-like systems aiming to try out as many generic private keys as possible as quickly as possible.
I discovered this personally when writing some bitcoin code.
I got to a stage where I wanted to test my code all the way to the BTC blockchain. I figured I'd stick in the randomizing seed later, and just make sure I could talk to the blockchain. To my surprise, every time I made a transaction I'd see another one on the explorer sites, emptying my new address. I did it a couple of times thinking I'd coded something wrong or something like that.
As the stream of transactions goes up, how difficult is it to keep up with them to pull this kind of heist off? Actually, I don't even know how many transactions/sec are happening in the Ethereum/Bitcoin world right now. Is there some sort of a stream one can subscribe to, to see what transactions are happening, and try to compromise them?
Just run a full node and your peers will send you new transactions. Ingest them from the node’s RPC interface into your own application for processing. Send your own transactions out through the same node.
It can't. At least, not without systems for off-chain transaction settlement, like the Lightning Network -- which brings a bunch of new complexity and new problems with it.
I spent a few weeks last year running a server on the head of the ethereum chain looking for any upcoming transactions with notes containing something in a private key format. I was shocked at the number of notes which mapped to real wallets
Ethereum is the world currency. Everyone is using it. Criminals and script kiddies are running scripts that guess completely random private keys. Occasionally they make hits and steal people's wealth.
What's the next step in securing your wallet? Making sure your wealth is stored across a million wallets?
This hypothetical starts to look silly when you do the math. Rolling random private keys is effectively a form of very inefficient mining. You'd spend a ton on electricity, and your odds are lower than just buying a lottery ticket.
The so-called masculine pronouns can be gender neutral. Their use is usual and proper when the gender of someone is unknown. This is true of practically every language on Earth.
Another way to see it is that he/him/his are always gender neutral, and only the feminine forms are gendered for clarity when context calls for it. Most often context does not, which could be why you’ll so regularly hear all-women groups referring to each other as “guys”.
Millennia of human societal development doesn’t care about the enlightened PC arrogance of 2019.
Sure, there are reasons why having gendered pronouns at all can be bothersome in today’s world. There is some merit to the idea of doing away with them, but you can’t force cultural change on human beings. Even if we move to gender neutral pronouns, the zeitgeist would most likely simply revert to he/his/him like it always has, rather than some contrived “xe” or similar such.
> The so-called masculine pronouns can be gender neutral. Their use is usual and proper when the gender of someone is unknown. This is true of practically every language on Earth.
In theory, sure.
But imagine I told that riddle where the solution is "the surgeon is the boy's mother". But I kept referring to the surgeon by the "gender neutral" pronoun "he".
You wouldn't feel like you had been misled? You wouldn't feel I had committed to a gender?
I'm not a fan of being super-PC about pronouns, myself. But you have to admit, they do trick you into certain assumptions about the referent that can lead you astray (unless you practice Herculean levels of epistemic hygiene).
I'd rather err on the number than accidentally rule out a gender.
> But imagine I told that riddle where the solution is "the surgeon is the boy's mother". But I kept referring to the surgeon by the "gender neutral" pronoun "he".
In that case you would indeed be deliberately misleading your hearer. Given that you know the gender of the surgeon, and indeed this information is key to your riddle, you would be expected to use a specifically matching pronoun (if any - in practice, of course, the riddle is carefully phrased so as to avoid using a pronoun for the surgeon).
That's not comparable to referring to an unknown person of unspecified gender, where the long-established English convention is to use "he" as a non-gender-specific singular pronoun.
You can't both say that "he" is a gender neutral pronoun for a generic person, and that I'm affirming a specific gender for said person with "he". Those are directly contradictory.
"He" - like many words - has multiple meanings and usages. Context matters. In some contexts, it is an unambiguously male pronoun. In others, it's not.
It doesn't work to pick just one specific definition, and then interpret the word according to that definition in every context. Human language is rarely that rigid.
Generally I agree with you. However using "he" also doesn't cost anyone anything in this context. After reading I couldn't have told you if the author had used "he," "she," or "they" until you mentioned it.
No. Any reasonable reader can conclude that the author does not know the identity of the perpetrator thus "he" is simply a placeholder for an unknown person. Yes, the author could have used, "they" instead, but they didn't. Hardly a mortal sin.
The story has absolutely nothing to do with whether the perpetrator is male, female or a group of people. Not everything needs to have a social justice slant. Arguing about the use of gender pronouns in this context is nonsensical and devalues the entire mission of gender equality. There's a reason why "social justice warrior" has become a derogatory term. Inciting fights over minutiae only serves to piss off reasonable people who might otherwise be on your side.
While the usage of pronouns in this particular article has no impact on gender equality, the sum of the hundreds of others that do the same absolutely has one.
It feeds the expectation that hackers are all men, which pushes away women, which makes it more true.
And since most people are not aware of this it does make sense to inform them.
A bunch of others have made the obvious reply, that knowing the keys doesn't transfer legal ownership.
But you still have a good point: Ethereum -- which the article is about -- specifically endorses the philosophy of "code is law", that you can actually replace all of law enforcement and courts with smart contracts on the blockchain, that there's no need for an external power to override its results.
Dumb contract spec? Give out the private keys? Tough. "Code is law."
This is a philosophy not universally held by blockchain advocates, but definitely held by Ethereum advocates (if inconsistently -- see DAO hack). So it's a fair response in this case.
That's like saying: If you know the vault combination at a bank, the content is yours.
In the end, you still have to obey the laws of the land. No matter how decentralized some tech is, it's still attached to some country, and thus its laws.
That assumes there's some state that accepts or claims the responsibility of arbitrating issues of cryptocurrency ownership, and has both the capability and the will to enforce its rulings.
Which seems like just the kind of dependency many crypto-enthusiasts are trying to avoid; and it's unclear to what extent states are interested in taking on that responsibility.
Without that, it really is a wild west out there, where anyone who can guess my key is free to claim my wealth. That model may appeal to some people, but I doubt the general public will care for it.
It sounds like that guy created what appeared to be a legitimate wallet creation service, and then emptied the accounts of anyone who used it. That definitely sounds fraudulent.
We don’t know if the person “guessing” Ethereum keys is also the one generating them, but from the article it seems there are multiple people scanning for known keys, so at least some of them aren’t intentionally duping users.
Cryptocoin theft also seems to have the same advantage as a buried bag of cash in that criminal prosecution doesn't prevent you from still owning the goods.
I suppose there's restitution, depending on venue.
In general governments are more than happy to arbitrate civil issues of ownership regardless of the property, but there may not be much appetite to pursue criminal investigation.
You really don't have to if your own state has a complete disregard for the laws that a third party state with a grievance tries to apply to you, which is the reality for a lot of people.
Same with anything really. If you know my password everything in my bank account is yours too. A private key is simply a very complex password.
Unfortunately crypto’s greatest strength (that it’s akin to cash) is also its greatest weakness. There’s no way to set up 2FA like I can with my bank and there’s no fraud protection, etc.
And how many people do that? Is there an organized process for advocating that?
I guess what I’m really asking is: does Coinbase do this? Because honestly, if Joe User doesn’t know to do this and it’s not made available through the most popular consumer interface... it doesn’t matter.
2FA should be enabled for any centralized accounts, like exchanges, but there’s no authority who could require a second factor for a real Bitcoin wallet.
Edit: multi-sig has been available for a while, so I suppose that could almost be considered 2FA
Crypto is putting something in a magic box with a sign on it that says "contents property of the first person to utter the magic words". "Your" cryptocurrency is not yours. It's "owned by" the magic words, not you. You can assign new magic words, but you can never insert yourself between the crypto and magic words, until you cash out the crypto to some other form of currency.
I agree if we are talking about legally theft. If people are going to turn to the state to protect their crypto, what is the point of crypto? Just use state backed money in that case.
IMO it's a little different on if it's morally wrong/theft.
But also because crypto is totally unregulated -- and by the rules of the game, if you have the keys, you have the coins -- you have zero recourse. Not that it could be reversed anyways. In both these real-world cases, you've got the police.
That applies to regular theft as well, it's illegal and still it happens.
I'm not a lawyer, but I'm pretty sure that using a guessed key to transfer funds is as illegal as using a guessed password would be to transfer funds from one bank account to another or using a "guessed" house key to enter a house and walk away with the TV.
That's not to say that you have a lot of options to get your ether back, but that's not fundamentally different from regular theft either.
> but that's not fundamentally different from regular theft either.
Regular theft certainly occurs and is illegal, however this scenario is entirely different from the most common types of regular theft.
A criminal operating in a foreign nation is going to steal: physical items from my house, my wallet, my car, items in my car, my bike, the watch on my arm, the tv in my living room, valuables in my home safe, valuables in my safety deposit box (that one is very difficult in general)? Nope.
The most common types of regular theft involve physical items that are physically lifted. Even most bank account scams are performed domestically, not internationally.
There is an extraordinarily tiny set of potential criminals likely to, or capable of targeting me when it comes to the most common forms of regular theft. It is not open to a global-scale competition as in this 'blockchain bandit' case.
A friend recently had their vehicle broken into. A thousand dollars worth of physical items were stolen. Half of it was recovered quickly by checking local pawn shops. Good luck doing anything like that with Ethereum and a foreign bandit.
> A friend recently had their vehicle broken into. A thousand dollars worth of physical items were stolen. Half of it was recovered quickly by checking local pawn shops. Good luck doing anything like that with Ethereum and a foreign bandit.
That's true, at least for recognizable things. If the thief steals currency, e.g. a stack of dollar bills, you'll have about the same potential to get those bills (or others) back unless you locate the thief. The jurisdiction adds a layer of confusion, but that's not the relevant part imho. If I break into your mail account and illegally transfer your domains to my hoster, you'll have high chances to get them back, even if I'm in another country or continent, because there's a central authority that has the power to make it happen if you can provide sufficient proof. There's no such authority for ether (well ... they could fork, but realistically, they won't) or cash, and that's what makes it hard.
> This is basically theft where there is no risk for the thief.
Sure, my point is just that the difference isn't in legality or possibility for recourse, but in the probability of successful enforcement of the law. The problem isn't so much that the thief is in another country; even if he lives next door to you, it's impractically hard to track him down unless he makes a mistake.
You can exchange for Monero to gain anonymity, and there will always be a way if you're willing to pay for it. 80% of a few million is still a good sum.
It doesn't. With credit cards we get (included at no additional cost) 30-day loans, chargebacks, various forms of insurance and rewards for spending. None of those exist with any kinds of cryptomoney. Privacy isn't really improved with most forms of cryptomoney as you have not anonymity but pseudonymity of fully public information. Once you identify anyone (as any merchant or transaction recipient can) you can immediately access their entire transaction history all the way back to day 1. Any reasonably advanced government agency can build tools to crawl and deanonymize network participants too.
> But also because crypto is totally unregulated -- and by the rules of the game, if you have the keys, you have the coins -- you have zero recourse.
I don't think that's true. If you could go to the cops with dead-to-rights evidence that someone stole your coins, pretty sure the cops could still charge them with larceny because the law still views cryptocurrency as a form of property. Plenty of people have been charged with crimes for stealing cryptocurrency -- the ex-Secret Service agent who stole from the custody of the Silk Road investigation comes to mind.
It's just that catching and prosecuting cybercriminals across jurisdictions is a _very_ hard problem, such that it might as well be that you have "no recourse" in 99.99% of cases.
> But also because crypto is totally unregulated -- and by the rules of the game, if you have the keys, you have the coins
Nothing could stop you from opening a business that would offer insurance in case of key theft. Most banks offer around $100k (depends on the country) in case they go bankrupt or are robbed, which is very little if you have lifetime savings in them that are way more than $100k. Big banks have an advantage though in that if they ever go bankrupt they tend to be bailed out by the government, which is hard to replicate as a business (you still end up paying for it through inflation, so you don't technically get your money back when your bank goes bankrupt as the total value of your money goes down).
> Nothing could stop you from opening a business that would offer insurance in case of key theft.
There is no way to prove a key was stolen and no way to prove the theft was not a fraud. Insurance is backed up with jail time for insurance fraud and is STILL rife with fraud (especially automotive insurance).
Blockchain theft insurance is not a business that would survive long.
One aspect that would be interesting is: I would expect that after an insurance payout the stolen coin would be legally the property of the insurance company. The stolen coin would accumulate on the books of the insurance company, which could then pay a premium to a recovery agency to get it back.
Of course the anonymity factor would make it all difficult, but on the other hand you can't ever truly abscond with the cash. If they could trace the movement through the ledger to a legitimate business entity that respects the same country's laws, they might be partially recoverable.
At a small scale it would be a waste of time, but on a large enough scale it might work.
> Blockchain theft insurance is not a business that would survive long.
Why not? If they only guarantee $100k and every time you lose your key you get to pay more, like car insurance, making it more expensive to commit fraud with time. Not to mention all the fraud detection mechanisms that could be put in place, and jail time could still apply if you're caught committing fraud.
> Nothing could stop you from opening a business that would offer insurance in case of key theft.
I don't think insurance models work for this. How can the insurance company verify that the key wasn't stupid simple? It seems very hard to determine prices and premiums if you can't assess the 'risk' - knowing that all 'risk' comes from the potential of user error and nothing else.
Also, there's the issue that in our financial system it's very difficult for the common person to transfer all of their money to another account they own and call it theft. If I'm not mistaken, that is a possibility with every single cryptocurrency, right?
I would expect that to get a reasonable premium, you would have to agree to follow certain best practices that would reduce the risk profile. Implementation would of course be hard.
You could be forced to use something like Coinbase where they store your private keys. Actually Coinbase already provides some kind of insurance in case they get hacked.
> "Don't you feel bad for him?" Bednarek asks with a laugh. "You have a thief here that amassed this fortune and then lost it all when the market crashed."
Well, 15% of $54M is still $8M.