Exodus Bitcoin Wallet: $490k swindle(popey.com) |
Exodus Bitcoin Wallet: $490k swindle(popey.com) |
A security product built by people who have zero understanding of actual financial security and how financial crimes actually happen. Truly astonishing.
"If only there was a mode or system of human transportation backed by long-standing institutions with a deep commitment to dirt trails and rideability that occurred at speeds which were safe for this type of thing."
*spits into spittoon*
Or perhaps not, and they have a ton of other wallets full to the brim with crypto-nonsense.
So hell yeah, it would matter, because that setup process alone makes you understand crypto better and why it's isolated from your PC. As others mentioned, that person later realized this.
When you plug a thumbdrive with keys on it into a computer the computer can just take the keys.
It's the same as the difference between a YubiKey and a thumbdrive with GPG keys on it.
A hardware wallet can make sense for "checking" purposes, but if you're only moving around small amounts of money occasionally, then you have to ask yourself whether one is worth using over a wallet app on your phone when the latter is more convenient.
http[://]example.com
> some rando thumb drive that no one knows the location of or knows exists
You still have this option with a hardware wallet. eg:
> some rando hardware wallet that no one knows the location of or knows exists
In theory.
> If you accidentally plug in the USB drive into some untrusted box, you could potentially have everything stolen.
This is like saying that no one should own a gun because you might point it straight at your own head and pull the trigger.
> You still have this option with a hardware wallet. eg:
Yes, that is true, but a hardware wallet is an extra piece of hardware that needs to be actively used to provide HD wallet keys for transactions. If all a person wants to do is store BTC for the very long term, then this approach is more complicated and hazardous than storing a non-HD wallet key pair on some physical medium; this is because a hardware wallet failure can result in loss of the ability to sign transactions, and chances are you're storing the seed phrase separately. Again, just for long term storage, there's next to no advantage between storing a seed phrase for an HD wallet and storing private and public keys. Depending on what a person intends to do with their money, a hardware wallet may provide zero value over the least complicated approach. Unless someone is paranoid over other people or the government knowing their balance, a single public address is more straight forward than managing an HD wallet.
- Principle of least privilege.
- Zero Trust.
- Compartmentation.
- Hardened Operating Systems with no malware and strong endpoint defense.
- Firewalls that whitelist only your IP and disavow everything else.
- 2FA/MFA/Biometrics auth for everything.
- Defense in Depth.
- Use crytography tools vetted from the community surrounding it, and use tools which are battle hardened.
Modern computing is very leaky and every node is malicious. You need extreme vigilance to safeguard crypto.
Are people up to the task of doing all this?
I'm asking because I lost crypto before, and now I'm more resilient and have better security posture.
Set up your own wallet and lose access? YOUR FAULT, DUMMY
Use an exchange and get hacked? YOUR FAULT, DUMMY
Use an exchange and they scam you? YOUR FAULT, DUMMY
Fall for a spearphishing email? YOUR FAULT, DUMMY
A flaw in the implementation that leads to an exploit? YOUR FAULT, DUMMY
Fail to maintain an EAL7-certified computing environment using only FIPS 140-3 level V cryptographic products in an ISO 27001:2022 Annex A.11.1-secured facility and something goes wrong? YOUR FAULT DUMMY-DUM-DUM!
It's never, ever, a flaw with entire concept-- it's always you.
Agreed, the extent of victim blaming in crypto is mind blowing.
1. Make a paper wallet, laminate it, put it in a safe location or maybe two
2. Use any exchange and send the coins to the wallet. Never leave any coins on the exchange
When you want to get them out again, this is the safest approach:
1. Boot Tails from USB
2. Enter your private key in Electrum (it's preinstalled in Tails)
3. Send to exchange and convert to fiat
If you want to do daytrading it's a whole other story
Crypto unfortunately requires people to be a lot more careful and knowledgeable than traditional fiat currency. And I don't think that will meaningfully improve anytime soon.
and that's an attack vector/point of doubt that you bring in into the equation. You need a trustful source for Tails, the USB drive and the surrounding OS.
One can turn it as one wants: "cryptos" are not safe.
And I am saying this as someone who's holding a handful of values on different crypto currencies. And I know it is insane.
No. Anyone who thinks they are is deluding themselves. There is no such thing as a setup that is 100% secure against human error (and nobody is infallible) or a sufficiently motivated and skilled attacker (and there are supreme amounts of motivation here).
The core problem is the lack of legal recourse. Anonymous, irreversible, distributed transactions for money are a really fucking stupid idea.
That is indeed the crux and the big advantage that traditional fiat currency has. And I believe that this is why crypto as a day-to-day currency won't surpase fiat.
The centralised trust and the government authority and enforcement of fiat is what enables millions of people to pay and transact so easily with strangers.
The problem has gotten much, much worse, not better, over the past decade.
Seriously, the idea that crypto (with its concomitant key management problems) is a solution for the challenges facing the poor in badly governed countries is rather absurd.
The same should be at Google Play and Apple Store. Scam apps and sanctioned apps are regularly passing through reviews.
amazing how little effort goes into UX these days.
When I create a transaction with Electrum on my computer, I use a hardware wallet to sign the transaction. When I sign the transaction, the hardware wallet shows the amounts, and the output addresses.
But if my copy of Electrum was backdoored and smart about what it did, it could use an output address for the remaining amount that went to another wallet. And since I and most people mainly check the address we are sending to but don’t pay close attention to the change address, we could end up having our funds stolen that way.
I’ve been thinking about moving to a multisig setup instead, that would have multiple computers independently used for checking and signing the transactions.
So far I’ve been putting it off because a single wallet and being diligent about checking the output address that you send to seemed sufficient. But now I think moving to a multisig setup is something me and more people should do sooner rather than later.
If you have the technical ability to create an app, you probably have the ability to upload something to /.well-known/ or to add a DNS TXT record.
That way the Snap store could say "This app came from this website."
OK, it doesn't help if someone goes to the trouble of registering a homograph address, but it would at least give normal users a chance to check out who the author is.
That seems to be how Flathub works. It shows a verified domain, or prominently says that it is a community released app.
> it connects to some API at https://www.exchangerate-api.com/
This is not necessarily right. The exchangerate-api.com site is hosted behind Cloudflare, so I don't know where it's actually hosted, but the IP addresses shown in bandwhich could be unrelated.
You also said:
> Visiting one of those IPs redirects to https://www.exchangerate-api.com/
It is common for malicious sites to redirect to legitimate sites to help evade detection, so it is possible that exchangerate-api.com is an unrelated and legitimate site.
The desktop on Linux has gone Flatpak.
If I'm running a server, why the heck would I trust Snap, a platform that until recently didn't even let me control updates, over Docker? If something goes wrong, who do I call? If I need a custom storage arrangement, who do I call? If I need a custom network arrangement, who do I call? If I need to scale up, who do I call? Why would I subject myself to this?
Is it IoT? Maybe it has a market there - but why doesn't it focus on being the best it can be, solely for that market, then?
One more note: Snap even allowing unapproved repackaging of apps was, in my opinion, a very bad idea in the first place. Case in point: Even the Snap homepage is advertising a community repackage of a password manager ("NordPass" - developer not verified). Why the heck should Snap be proud of that?
(Edit: Apparently NordPass's website does point to it - but the developer remains unverified. What's the point of verification...)
Sounds like assurances made by UX and Marketing, which engineering might've been able to tell them they can't make.
If it ends up costing them $490K plus legal fees, that's still a relatively inexpensive way to learn this lesson.
Source: I’m a former Canonical employee.
(Never understood why ‘be your own bank’ was meant to be at all appealing. Being a bank is terrible. And still realistically less risky than this sort of thing; apart from truly bizarre edge cases (see the Citi/Revlon drama), this sort of thing simply can’t happen.)
For 99+ % of the world's population using fiat currency is simple and the learning curve is basic school maths.
He's around 75 and has known me for maybe 20 years, we're not close friends but we run into each other every now and then and he knows I work with IT; I'm about half his age.
Long story short, I find out he needs help to retrieve his bitcoin wallet because he's lost $300k. I spend an hour looking around his devices and find out he's been buying bitcoin from a young hip instagram lady in Florida.
Wait for it…
…they shared access to the wallet.
He had a chat log stretching back one year on whatsapp with her, he was now paying her smaller sums to cover the cost for some "hacker" to retrieve his wallet.
¯\_(ツ)_/¯
He was saving it for his grandchildren and he basically had a meltdown when I told him he's probably been scammed.
I felt really bad and also uncomfortable with the whole situation, I gave him a hug and told him to get in touch with his bank and tell them everything he told me.
Not likely that they'll help him but I just didn't know how to deal with the situation.
That is such a poor attitude. Instead maybe hope that canonical may fix the lax vetting and security of their store, but to care directly about their reputation and not the user who was scammed due to their weak practices goes hand in hand with everything else I’ve seen from snap.
Case in point: https://www.web3isgoinggreat.com/?id=fixedfloat-hack
So we need to be careful with how we interpret "Safe!"
Multiple laminated (real) paper wallets in a safety deposit box and multiple locations is the only way to go.
The wallet file is for keeping BTC, and whether you print it on laminated paper or copy it to multiple USB sticks that you distribute in multiple places (you can encrypt a USB stick, but not really a piece of paper, so beware who has access to your storage!), doesn't matter once you want to use your BTC. Using your BTC requires a computer and a wallet app; there's no way around that besides online platforms.
The real solution for fake wallets is to independently validate signatures of wallet app releases or to build from source yourself. Also wait for a few weeks before jumping onto the latest wallet version. Who knows if the developer's supply chain got compromised.
Edit for completeness: Last but not least, do offline transactions (send the signed transaction using an online device without access to the wallet).
How about an offline virtual machine on Qubes OS?
I agree with all the recommendations - add human gates. Yes, it's expensive, but still far cheaper than the unbounded reputational damage that just occurred around the untrustworthiness of the store (hi Amazon).
Crypto has a long way to go and some improvements are being made but it definitely is one of the main pain points.
when they said that these Snap packages were "safe" they probably meant from a "linux is secure" and "properly sandboxed" meaning, not "we've verified that this person isn't trying to scam you".
* No way for anyone (user or store) to verify the identity of the publisher.
* User was not given enough understanding to be able to protect their Bitcoin identity (usability, identity backup).
* No way for anyone (user or store) to identify who had downloaded the malicious snap.
I could also see a sophisticated attacker holding off on draining wallets until the amount contained started to drop or increased past a threshold. Draining funds as soon as a user attempts to setup the app gets you a few suckers but also means you'll be reported quickly. Giving everyone a failure message while recording the recovery key might let you go significantly longer before discovery.
Snap is only bad because the people developing snap are incompetent. The idea itself isn't bad.
then tried to 'self checkout' the app store
"One of the goals is to automate the whole Snapcraft publishing and review pipeline so there’s fewer (expensive and slow) humans in the loop." (from op article).
automation should not replace human judgement, it should replace human drudgery.
- if it does, then the change output is simply hidden from the user validation flow
- if it doesn’t it will appear as a second bitcoin transfer to approve, which require a second physical approval on the device. this is highly unusual and should trigger the user's suspicion.
I can’t say for other vendors but this is pretty standard security practice I’m sure, hardware wallets are fighting against attacks that are way more elaborate than this one.
So rather than being “wrong”, maybe I am more similar to most regular user of hardware wallets, and that this kind of attack would indeed be a disaster for a lot of users who have hardware wallets. Myself included.
Line could go up, but if you aren’t extremely careful with processes that most people don’t and won’t comprehend—and don’t even realize are something you need to do—you can just straight up lose everything.
https://www.aura.com/learn/i-got-scammed-on-venmo-what-do-i-...
https://help.venmo.com/hc/en-us/articles/235171088-Cancel-Pa...
A fool and their money..
Though, the industry is aware of this and working on it. There is at least one company (Chia Network) where the on-chain language (ChiaLisp) is both capable and secure enough to allow for the sort of management needed to allow for self-custody to happen in a safe, sane manner. GUIs for this sort of thing aren't ready for the general public yet, but are definitely on the way.
That's why it's still early days.
Those generic arguments can be applied to literally everything we already have. People get scammed via their bank accounts every day too, people literally get scammed by the phone. You have to use your brain when it comes to _anything_ that involves a real world value these days, saying 'crypto bad cause scams' is pointless as there are way more scams involving real world money everywhere.
The story is not much different in Traditional Finance; though in some cases you can recover your money. The US (and to some extent EU) have some protection, but for the rest of the world it's not much different than crypto.
If they were ready btc would be $1m and they would be widely used.
The screen is tiny, and protocol devs don't usually put a lot of thought into making stuff easily human readable. Ideally a transaction can be fully understood and verified from the hardware wallet but we still have a ways to go.
It's much more likely you'll fall victim to malware that waits until you're on an exchange website, and substitutes the attacker's receive address for the exchange's. You think you're depositing funds in your account, but they vanish instead. This is basically the same attack as fake escrow instructions emailed to people buying a home.
While it’s not foolproof, it’s a good reason to compile things yourself from source instead of using the binaries. Unless someone trusted is validating build reproducibility, but that isn’t as common as we’d all like.
Some 4y old discussion of how some OSs for electrum are built reproducibly: https://old.reddit.com/r/Bitcoin/comments/dcz0my/what_is_not...
This app simply transmitted seed phrases to a server, or derived the first private key of one and sent that
Starting to agree with everyone else here, if the crypto enthusiasts on HN can’t differentiate
Pretty sure this is not the case for Trezor (This was an angle that got addressed a long time ago). Also, Ethereum doesn't have a change address.
> So far I’ve been putting it off because a single wallet and being diligent about checking the output address that you send to seemed sufficient.
If you are too concerned and use Bitcoin, there is an easier/simpler way. Sign the transaction offline and don't broadcast it. Copy the transaction Hex and decode it. You can there read the details of the output addresses, fees, etc.. When you are sure, then you can broadcast the transaction.
Read the comment you quoted again.
I said Electrum. The Bitcoin wallet.
They might consider it further if the store got to a decent scale (like the contemporaries like iOS, Play and Microsoft). But with "only" 6K applications published, and the money canon being pointed in other directions, I can't see it happening any time soon.
> OK, it doesn't help if someone goes to the trouble of registering a homograph address
Doesn't even have to be homograph, it can just be something that has "exodus" in it (coming back to users not paying attention, this would work, and is also the reason phishing and other fake sites work), if "exodus-wallet.com" was verified then many people would still fall for it.
The entire thing would've been avoided if users paid attention and going to the official website instead of blindly trusting the Snap Store (and following VERY common advice, such as don't enter your secret phrase or password anywhere)
I'm not sure what Bitcoiner's preference would be exactly, but I'm sure they've got something involving signed wallet hashes published on the chain.
The hard part, as with anywhere else, is getting users to check it.
The point being - you should know when you want to access certain services so you switch on this mode, not allowing normal DNS name jacking or the like.
Sorta like privacy mode but for dapps/"web3"
Just random musings
Right now, the only real usage for apis is in oauth2.
There are dozens of tiny use cases we could use a standard uri for ease of use in corporate environments…
.well-known/documentation - redirects to the docs
.well-known/health - health check
.well-known/specificiation - api contracts
Etc…
... as well as the ACME HTTP-01 challenge as used by Let's Encrypt etc.
Obviously it's upsetting to have our API used by a scammer, but our service couldn't have been involved in this hack beyond fetching a JSON-formatted response of up-to-date exchange rates because that's the only functionality our service/domain provides.
My guess is that the scammer implemented a call to our API to fetch up-to-date exchange rates in order to make their fake wallet seem more plausible & real. Interestingly my API doesn't even support any exchange rates involving cryptocurrencies and so the scammer would have had to additionally integrate with a different API to get something like the up-to-date exchange rate between BTC and USD.
The API is a very simple service - it's just a few endpoints that supply JSON formatted exchange rates over HTTPS. Anyone with an email address can sign up to use the service for free and there are even some totally "open access" endpoints that don't require any authentication. One of these has been used in the GNU `units` converter software for a while.
With regard to proving it's a legitimate service, this is the point where I wish I had made more progress with the landing page update that emphasizes social proof I've been working on recently! The API is used by ICs/teams at hundreds of recognizable companies. There are tens of thousands of free users including some that have used the API consistently for free for over a decade. I guess you could check many instances of the service being archived on the wayback machine? https://web.archive.org/web/20240000000000*/https://www.exch... I'll definitely admit the domain does look a bit odd but back in 2010 when registering it the "Exact Match Domain" bonus was a big factor for SEO. The site has been a top 3 Google result for "exchange rate api" pretty consistently - presumably also how the scammer ended up using the service.
I've used Cloudflare since approx. 2019 and their "cloudflared" tunnel infrastructure since approx. 2021 to secure servers against DDoS.
I'll contact popey to see if we can get more details on the exact path/request they saw being made to our domain and if that leads to any further information or logging from our side.
I still have the snap, and could test further, but I suspect the endpoint linode boxes will disappear and popup somewhere else sometime.
The only thing implicating that site is a redirect that you got from a site that you know you don't trust.
I appreciate your comments, as they made me think more about that topic.
Feel like there should be more extensive monitoring mechanisms for the elderly.
If you're the first person to encounter the hash, or if the number of hops is very high before you encounter something besides 0 (eventually heading into sybil-territory) then you have cause for extra scrutiny.
Bonus points if the people who developed the app are participating, but still useful if they're not.
Crypto, on the other hand, is specifically designed to evade regulation (permissionless setting), is useful for very little else, and you can do easily without it.
Look, I can do that too!
https://tenor.com/view/uncle-scrooge-mcduck-money-rich-gif-1...
And then if I went so far as to double check that the other address was a change address, I’d do so by looking in the list of addresses for my wallet in Electrum.
But in our scenario I am using a backdoored Electrum. And therefore it could be showing a mixture of the real addresses that belong to me in that list alongside addresses belonging to a different wallet that was set to show up there by whoever backdoored my copy of Electrum.
With Bitcoin, a small mistake or oversight and you money is gone, and unrecoverable. So you can point and laugh at people getting scammed on Venmo, but you need "normies" to adopt BTC.
There's really very little crypto-specific here, convincing someone to transfer funds to a scammer-controlled account is one of the oldest financial tricks in the book. It's still very common with bank wires.
> purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required [...]
Reality: The world's biggest financial institutions hold BTC as an intermediary for clients through trusted third party custodians for speculative purposes (rarely payments).
Of course bitcoin is rarely used for payments yet. Why would you sell the hardest money in existence, when you can sell junk dollars instead. And why would you price goods in something that's growing so quickly that its price changes dramatically month to month? It makes no sense.
Stage 1: prove ability to store value
once the value has grown to the point that it's stabilised enough to be a unit of account we will naturally move to
Stage 2: medium of exchange
The fact is we never even have to move to stage 2 for bitcoin to still be worth millions of dollars per bitcoin. Even if bitcoin only matches the market cap of gold, it will be worth ~$600,000/BTC and bitcoin has way better store-of-value fundamentals than gold.
If you're running a malicious service and you want to throw people off the scent, one common strategy is to redirect to random legitimate services so that anyone investigating thinks you're part of the other service.
I am rather ignorant on the matter but indeed I don't like that some things/people are too big too fail in the system.
On the other hand, isn't that established that banks being allowed to issue more money than what is backed by their assets is universally recognized as "good" as in allowing for previously unseen economic development that benefits everyone (but not equally...) ?
https://www.federalreserve.gov/monetarypolicy/reservereq.htm
The focus is now more on capital for assessing bank health.
See for example The Bankers' New Clothes: What's Wrong with Banking and What to Do about It (2014) by Anat Admati and Martin Hellwig.
The issue is malinvestment and misallocation of resources.
Leverage up on malinvestment (which is what most of the central banks and governments are doing) and it's the fast path to hell.
A fixed supply neutral third party money adds a sort of safety barrier against this leveraged malinvestment.
For example you might create and sign the transaction with Sparrow on your PC and then pass it to/from BlueWallet on a mobile to co-sign it via QR code.
theyre put in labor camps and do cryptocurrency scams over social media
Much of the social media scams are done in south east asia by trafficked people: https://www.reuters.com/world/asia-pacific/hundreds-thousand...
Think of it as an alternative to investing in a house to let out to tenants, but without the inconvenience, risk and cost of buying/selling and owning it.
Another factor is that with decreasing mining reward transaction fees are becoming more and more important for financing the entire system. But by its very nature using Bitcoin as a long term storage will lead to a small number of transaction and the relatively few transactions moving money into or out of long term storage will have to pay for the network resulting in high transaction fees or alternatively the hash rate will have to go down which could itself be problematic for the system.
One would have to run the numbers - how many people are storing how much money for how long - to see how problematic or unproblematic it would be to use Bitcoin primarily for long term storage. My gut feeling however is that without other usages like speculation or actually buying and selling stuff, it would be a rather expensive way to store money long term.
EDIT: Back-of-the-envelope estimate. Bitcoin market capitalization is currently 1000B $, electricity consumption is an estimated 138 TWh/y, 13.8B $/y at 0.10 $/kWh. So if it was all long term storage financed by transaction fees and with a stable price and hash rate, it would cost about 1.5 %/y to store your money in Bitcoin, assuming hardware, infrastructure, labor and so on adds another 10 % to the costs.
This isn't necessary to maintain value (think of a rare painting), but it is important to provide liquidity when you come to sell, so that you don't have to wait weeks for someone to buy your bitcoin. Bitcoin has plenty of liquidity - no shortage of buyer and sellers. Coinbase alone trades ~$1 billion of bitcoin per day.
You're correct that the hash-rate is related to block subsidy + fees, but it's only one of the variables. Cost of energy for miners is an equally import factor (continuously decreasing as miners tap into wasted energy around the earth, and without geographical constraints), along with efficiency of the mining HW.
Bitcoin averages around 2700 transactions per block which currently provides miners with total reward of 6.25 + 0.3 (tx fees) BTC = ~$334,050. If we suddenly went to fees-only today, that would be ~$123 per transaction. Considering that this fee is independent of transaction amount, it is actually very cheap for large values of money (e.g. >$1M) considering it covers the cost of moving the bearer asset around the world within ~30 minutes, and also covers the cost of protecting your value against debasement and theft for however long you had it stored for (often years).
I'm not sure how you came up with a % cost per year - the cost of storage is a one-off tx fee at purchase and sale (just like physical gold, but bitcoin transactions are generally cheaper and independent of the transaction size)
Do you have any citations to your survey of global consumer protection laws? Examples would be especially relevant if you know of cases where a bank granting access to a scammer left the victim with no recourse.
https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery
https://www.bbc.com/news/stories-57520169
Not perfect, but 90-something percent better than no recourse. More importantly, it’s also not a given that individuals lose everything as opposed to higher operating costs for a bank. The kinds of crimes we see in the cryptocurrency world tend to leave individuals with no recourse other than very expensive private investigations, whereas a major financial institution at least had the resources to go after the money without going bankrupt.
https://www.independent.co.uk/news/world/asia/spelling-mista...
Note that the rest of the money disappeared quite effectively.
No, I’d suggest reading the article I shared. Some of the money was laundered successfully but they recovered tens of millions and the bank in the Philippines which didn’t help was heavily fined. The SWIFT system developers also took this very seriously and added additional safeguards, which seems like a better sign of safety for a financial system than mocking them for having poor opsec and saying they should have used a hardware wallet like the cryptocurrency world tends to do.
People who "closely study mistakes and successes of the past" are in a very rare supply in the crypto space, and for a good reason: because people who actually closely study mistakes and successes of the past don't want to touch that space even with a 10-yard stick.
The reasons were spelled out in no uncertain terms 7 years ago in https://medium.com/@kaistinchcombe/ten-years-in-nobody-has-c... and followup here https://medium.com/@kaistinchcombe/decentralized-and-trustle... 17 years in, all those reasons remain the same.
So all you need to do then is learn a Lisp? That sounds worth the effort for most non-tech people...
Passwords, credentials and other high-risk high value intangible data are not associated with high-risk high-value AND our memory is not designed for random junk.
Maybe an anthropologist can study this phenomenon further.
We already have hints of that: our memory has evolved for thousands year to easily memorize places and spatial navigation, in thr past for food, water and danger. Today you go in a foreign place, just one visit and you know where everything is. At the same time, people can usually hold only ~7 concepts/numbers/objects in their head.
In memory competitions people leverage our spatial prowess with a technique called the memory palace, that was already used in ancient Greece and Roman Empire to recall anything, from bard tales to the Iliad and Odysseus.
In the end the details don't really matter, currently running Bitcoin seems to cost about 1B $ per month and the users have to pay for that one way or another. Whether there are 1M users with 1M $ each paying 1k $ per month or 1B users with 1k $ and paying 1 $ in fees per month or no one paying any fees and the newly mined coins just diluting the value, that are all details.
It's extremely important to remember that when the fees make up the vast majority of the miner's income, there will be far more people using bitcoin. Ultimately, if bitcoin fulfils it's promise as the best store of value mankind has ever seen, everyone in the world will want some. In this situation, the demand for the 7 tn/sec will be enormous. As humans we're just not used to seeing hard limits on supply of a liquid asset, and it's easy to overlook it's effects. Just as the hard limit on the bitcoin supply issuance is fundamental to it holding its value against essentially anything else (even the gold supply doubles every 30-50 years) and will lead to enormous growth in demand against a falling supply, the fixed supply of transactions will lead to similar increases in the price of transactions due to fixed transaction supply and increasing overall demand.
Once hundred's of millions to billions of people are fighting over transaction space that can only service 150 million transactions a year, the supply/demand ratio will be plenty to support a high price. By that point people would _ideally_ be using it every day/week, and so the potential demand would be enormous, and the transaction price will increase until only their larger transactions are economical.
The real question is: how much hash-rate is really needed?
The hash rate itself is irrelevant, what matters is the cost of achieving it. If that cost becomes too low so that someone can afford to control a substantial fraction of the hash rate, they could decide to mess with the system, for example perform a denial of service attack. As said before, it seems that running Bitcoin currently costs about a billion dollar per month. That makes the network probably quite safe but it certainly is still in reach of some actors. Lowering the costs substantially - say ten times or more - would increase the circle of entities capable of messing with the systems quite a bit.
The question is of course why someone would want to do this, but I can imagine some scenarios, not at last that it seems quite possible to make some money if Bitcoin experiences issues.
Unless you're talking about people who are studying the mistakes and successes of crypto scams, and are working to refine them (the scams), then you can find a few.
For a store of value it doesn't matter how much you own in absolute terms, it matters how well the amount you bought holds it's value relative to things you might want to buy.
Think of Amazon shares. When looking to invest today, I don't care that some people bought shares at $0.25 (I'd argue they deserved to), I care about what the price is now relative to what it's likely to be when I sell - the actual number of shares I buy is irrelevant.
Bitcoin's price goes up for two reasons - because more and more value is being stored in it, and because it's engineered such that each unit retains it's value better than a unit of anything else. So assuming I'm right about the engineering, even when no new value is being stored in it, the price will still increase relative to any alternative. The units of everything else leak value, be it through supply increase, or instead through maintenance costs, poor liquidity, increased risk etc.
Regarding people buying "cheaper" alternatives instead - even ignoring network effect, any cheap bitcoin clone won't have the same potential because bitcoin already exists. There are thousands of cheap copies already - clone the bitcoin repo and have at it. To beat bitcoin, network effect means your copy will need to be substantially better and in a way that bitcoin can't adapt to (including via adding additional network layers such as Lightning, Paypal etc) - otherwise like the rest, including fiat, it's going to 0.
This is more of the same. The base rule in crypto has always been “not your keys, not your coins” and to keep your recovery seed offline and only enter it with the utmost of caution.
The history of scams is long, requiring periods of societal learning and transition as e.g. credit card, identity fraud, and wire fraud have taken center stage.
Private keys will be something that a certain amount of the population will eventually be required to understand in my estimation, even if simplified as much as can be. The alternative is more middle ground solutions putting ultimate trust in a separate party managing the keys.
There isn’t much use for most first world citizens in maintaining direct control over their digital wealth, so they are best served by staying away or dollar cost averaging a small percentage of their portfolio into an offline wallet. Those who want to experiment with smart contracts can do so with much smaller amounts.
The ability to memorize 12 words and have direct ownership of your wealth anywhere with an Internet connection, independent of any party save those facilitating the network and the one accepting your payment, and the ability to cross a border or transfer to the other side of the globe without seizure, is already tremendously powerful to hundreds of millions of people who lack trustworthy financial services.
This is because blockchains have no way of enforcing laws, including property rights. Therefore it comes down to this. Imagine that whoever got hold of your car keys, automatically became the owner. This is what "not your keys, not your coins" means.
The "not your keys, not your coins" is more the fact that someone else holding your stuff happen to them and your stuff goes away. Or they never had it to start with. i.e. Counterparty risk.
`Cash` doesn't inherently have any mechanism for enforcing rights either. The difference is that real-world identities are easier to establish in situations where cash transactions go awry.
If people want a system where this as well as excessive inflation are close to impossible, they now have an option, with the clear caveat of that ownership.
It’s not like there aren’t other options to choose - custodial services and multi-signature wallets. Banks are custodial services too, and that’s fine.
And governments have enacted laws to protect people. With cryptocurrencies, they - by definition - cannot. Once you got scammed, your money is all but gone (sans a very VERY few exceptions).
> The ability to memorize 12 words and have direct ownership of your wealth anywhere with an Internet connection, independent of any party save those facilitating the network and the one accepting your payment, and the ability to cross a border or transfer to the other side of the globe without seizure, is already tremendously powerful to hundreds of millions of people who lack trustworthy financial services.
That's a societal problem, it can only be solved by society, not by cryptocurrency peddlers and tech-bros. And in any case: at some point that "wealth" has to enter the real world, and it's there that governments can step in and seize said wealth.
People escaping oppressive regimes don't have time for their society to solve it, they need to leave to a different, less messed-up society. And this is one of the few ways that they can bring a decent fraction of their assets with them in a form that's not very easily stolen from them.
Rollbacks being impossible doesn’t mean the government cannot legislate.
This is a double edged sword - the benefit and the drawback are inextricably linked. Caveat emptor. Do you want absolute control of your funds? If so, you can memorize 12 words and travel the globe. If not, look to custodial partners, ETFs, or multi-signature wallets.
> That's a societal problem, it can only be solved by society, not by cryptocurrency peddlers and tech-bros. And in any case: at some point that "wealth" has to enter the real world, and it's there that governments can step in and seize said wealth.
What? I assume by “this” you mean people who don’t have quality trustworthy financial institutions?
This is Hacker News. We brainstorm technological solutions to real world problems all the time. This particular problem can only be solved be “society” at large, not technology, because you say so?
You want to disparage those trying as “tech-bro peddlers” - do you simply mean any technology inclined entrepreneur who doesn’t present female? This is an absurd emotional invective.
I’d bring up Monero RingCTs and stealth addresses as an intermediate step and the offramp of direct purchases which that community has been building, as well as tools like Bisq, but I doubt the utility of continuing to reply.
In 2000 neural networks had existed for more than 50 years. More than 20 years later their full potential is finally being realized, and many would say it is still early days.
It’s naive to think that you can predict the future course of a technology simply based on the fact that it has already existed for a certain amount of time.
Similarly, nobody doubted that neural networks were capable of very interesting things - the holdup was the level of processing power needed to run them. As soon as that changes, useful applications abounded.
Those make quite the contrast with bitcoin which has been universally available to a much, much larger population and had truly massive resources available, but almost no meaningful impact because it doesn’t give most people anything new or better. The few businesses which aren’t trying to market it and still accept it almost universally convert BTC into real currency as soon as they receive it, companies like Western Union and Visa haven’t felt the need to lower rates, and to the extent that PayPal is reconsidering screwing everyone so aggressively it’s because of Venmo and Stripe, not Bitcoin.
It's a political experiment centred around replacing the existing financial system.
And the mistake there is that people in the crypto space are ignorant about how that world works. Namely that there is such a large overlap with the government that you're in essence trying to disrupt governments. Which is a losing battle.
TBL released his paper and source code for the WWW on April 30, 1993. On that date, all that existed was an idea and a command line browser. Most people only knew the web in those early years as "that thing you could reach by telnet to info.cern.ch".
Even given this modest start, fifteen years later, in 2008, nearly 75% of adults used the internet according to a Pew research study (https://www.pewresearch.org/internet/2015/06/26/americans-in...). In 2008, we already saw the emergence of the e-commerce market, with upstart Amazon already commanding a 1% share of the entire retail market (to put in perspective, that grew to ~6% by 2019, according to Census and Morgan Stanley data: https://finance.yahoo.com/news/chart-shows-just-big-amazon-r...). Heck, by 2008, you could watch a movie instantaneously on your TV without renting or buying the DVD! (https://web.archive.org/web/20080525201828/http://www.netfli...)
So yes, you can determine something about the relative strength of a particular technology by the speed it is adopted in the marketplace. Fifteen years is a long time, and even taking into account the slow Internet speeds between 1993 and 2008, people found enough value in the Web to use it on a daily basis. I don't see the same adoption curve for cryptocurrencies.
[1]https://en.wikipedia.org/wiki/Complaint_tablet_to_Ea-n%C4%81... [2]https://en.wikipedia.org/wiki/Tulip_mania
Common mistake. The original saying was "Possession is nine points of the law". Over time it's been bastardized to "nine-tenths".
Fraud. Transaction rollbacks. Consumer protection laws.
A much smaller fraction should be using open source and audited hardware wallets as well as offline paper wallets.
People will have the option to shoot their foot off with real, direct control, yes. That option or ‘genie’ doesn’t go back in the bottle, not permanently.
Things are the way they are because of interests, some people are making money on it. "Crypto bros" aren't rediscovering anything and you seem clueless as to what they want and are repeating old ass tropes you probably learned from others.
I remember only a year or 2 ago when HN was very much against K8S, you probably don't, being of short memory and not learning from others. But, guess what, we are using k8s and crypto and you are stuck and soon will be making apologies for your lack of sense and will be tired of repeating others' lies here.
Sorry but not sorry.
This is incorrect. AI has gone through multiple ‘winters’ where there were serious doubts and pessimistic attitudes toward its capabilities.
That’s where the contrast with Bitcoin is so pronounced: in that case, the limitation isn’t technical but political - it’s been available to anyone who wants it for 15 years but most people don’t want it because you have to strongly share a certain ideology to prefer a slower, less secure, more expensive financial system. There is no technical improvement which will suddenly boost Bitcoin adoption the way GPUs and smart algorithms boosted neural networks because the inefficiency is the point.
Yes, most don't discover anything, they just run scams. The tiny percentage who doesn't are busy re-discovering and te-inventing all the institutions and processes the world has.
> I remember only a year or 2 ago when HN was very much against K8S
Ah yes. Yet another comparison pulled out of thin air.
Try counting the number of times people mention phrases like “combinatorial explosion” or other limitations like the single/multi-layer perceptron argument, which are the kinds of problems we’re talking about where the issue was feasibility on the hardware available, or things like “expert systems” which were dead ends unrelated to neural networks.
Now, you can try to change the topic again to hypothesize that some non-blockchain technology will become popular but that’s no more relevant to this thread than the 80s expert systems people were to modern machine learning systems. Different technology and implementations having different results isn’t exactly disproving criticism.
> Now, you can try to change the topic again to hypothesize that some non-blockchain technology will become popular but that’s no more relevant to this thread than the 80s expert systems people were to modern machine learning systems.
Practical ZKP and accessible circuit programming is definitely relevant to blockchains; it is one example of technological advancement in crypto that has led to significant advancements. If the only technology you look at is Bitcoin, which is stagnant and hasn’t progressed in many years, of course it will look like nothing in blockchain technology has progressed.
Hint: neural network and AI are not synonyms. You were corrected after conflating the two.
> If the only technology you look at is Bitcoin, which is stagnant and hasn’t progressed in many years, of course it will look like nothing in blockchain technology has progressed.
This post is about Bitcoin so it’s unsurprisingly discussing that, especially since that’s where most of the usage is. Neither of the things you mentioned solve the underlying architectural problems inherent to blockchains, although the ZK stuff does help with privacy somewhat, but again I would remind you that the comparison to the early internet still runs afoul of lack of demand for blockchains. People didn’t need a FOMO sales pitch to see that going online was useful; for a payment system to become popular it needs to offer an advantage on price, performance, or security – the ceiling for how much most people will pay for a cryptocurrency is whatever it costs to use Venmo or Square so the focus needs to be on outcompeting the status quo and setting realistic expectations for how much shaving a point or two off of a transaction price will really change the world.