Slashdot Mirror

Jordan Pearson, writing for Motherboard: Satoshi Nakamoto is Bitcoin's anonymous creator and absentee head of state. In the years since she (or he, or they) disappeared into the ether and left the technology in the hands of a few high-profile developers, Nakamoto's words have become nigh-gospel for some in the Bitcoin world. On Friday, a user going by "CipherionX" on the Bitcointalk forum published five emails allegedly between Satoshi Nakamoto and former Bitcoin developer Mike Hearn. In an email to Motherboard, Hearn confirmed that he shared the emails with the user. While Hearn himself, who was one of the earliest Bitcoin developers, has previously quoted most of the juicy bits from his correspondence with Nakamoto, it appears to be the first time much of the material has been shared in full. None of the emails are included on a popular database of Nakamoto's writings collected from old emails and forum posts.

An anonymous reader writes: "Veritaseum has confirmed today that a hacker stole $8.4 million from the platform's ICO on Sunday, July 23," reports Bleeping Computer. "This is the second ICO hack in the last week and the fourth hack of an Ethereum platform this month. An ICO (Initial Coin Offering) is similar to a classic IPO (Initial Public Offering), but instead of stocks in a company, buyers get tokens in an online platform. Users can keep tokens until the issuing company decides to buy them back, or they can sell the tokens to other users for Ethereum. Veritaseum was holding its ICO over the weekend, allowing users to buy VERI tokens for a product the company was preparing to launch in the realm of financial services." The hacker breached its systems, stole VERI tokens and immediately dumped them on the market due to the high-demand. The hacker made $8.4 million from the token sale, which he immediately started to launder. In a post-mortem announcement, Middleton posted online today, the Veritaseum CEO said "the amount stolen was miniscule (less than 00.07%) although the dollar amount was quite material." The CEO also suspects that "at least one corporate partner that may have dropped the ball and [might] be liable." Previous Ethereum services hacks include Parity, CoinDash, and Classic Ether Wallet.

Contributor Tom Geller writes: "I recently wrote an article about Bitcoin and the law for Communications of the Association for Computing Machinery. In researching it I ran into plenty of wishful thinkers, ridiculous greedheads, and out-and-out nutbags promising a rosy future. I also found the expected blowback from vehement naysayers who think the best way to combat crazy is with more crazy. But despite that, I walked away believing that Bitcoin — or a decentralized cryptocurrency like it (let's call it "Coin") — is here to stay. As an interested outsider to the Coin economy, and a long-time technology commentator, here's what I think its future holds." Read on for Tom's predictions. Coin's primary use will continue to be in international transactions.

While people wonder "When will I be able to pay for groceries and utilities with Bitcoin?", that use might never come. But Coin already shines in international transactions, where it provides a clear advantage over current systems, which are expensive and complicated hassles. That's why PayPal has become the go-to solution: it just works, albeit with typical fees around 3-5%.

Coin reduces that fee to a small fraction of 1% (when sent directly), and is available in places where PayPal fears to tread (Zimbabwe, Pakistan, etc.). Coin transactions occur instantly, with no intermediary, and — for better or worse — without recourse.

That leads to Coin's second primary use: to store liquid value in places where other stores (such as national currency) are unreliable. For all the cries that Bitcoin is "unstable", it seems to have settled quite nicely after its April spike. Certainly it looks appealing to anyone in an unstable country, and it's even tempting for those in places where the currency's been on a long, slow slide, like Argentina.

Coin's big vulnerability is its interface with national currencies ("real money").

None of this matters if you can't get your money out again. And that's where governments are taking a close look at Coin — with good reason. First, Coin exchanges have a terrible track record; second, such points of exchange are bottlenecks through which financial crimes often flow.

In the U.S., the government's Financial Crimes Enforcement Network (FinCEN) issued guidance asserting its right to regulate "Money Services Businesses", and defining exchanges dealing in virtual currencies (including Bitcoin) as such. That's a problem for many existing Coin exchanges, as the costs for complying with regulations are high. But if there's not a stable and reliable way to get national currency in and out of Coin, its value will plummet.

Conversely, Coin's value is likely to shoot up if this interface gets easier. Right now, it's surprisingly hard to buy Bitcoin (et al.) directly with U.S. dollars. Most methods require bank wires, tricky multi-step workarounds, and high fees. (I found Coinbase to be the most accessible, albeit with long delays and a bank verification procedure similar to PayPal's.) If Coin becomes as easy to buy as a gift card and redeemable at every bank, its practical utility will soar for everyday people.

No government will make Coin illegal.

Despite bloviation by a few politicians and baseless statements in the press, Coin is not per se illegal, and there have been no serious attempts to make it so. The FinCEN guidance mentioned earlier explicitly says that ordinary users — those who buy and sell using Coin — are "not subject to FinCEN's... regulations for MSBs". It's possible that other government agencies will continue to claim authority, but there doesn't seem to be much support for it.

A lot of noise has been made about Coin's use in illegal business, for example on Silk Road (where it's the only currency). But law enforcement is realizing that the currency isn't to blame, much as they've started to say that Craigslist isn't responsible for crimes organized through its ads. I predict that that distraction will continue to surface from time to time, but will essentially die soon.

Even if governments attempt to illegalize Coin, there's only so much they could do to criminalize ordinary users. Again, Coin's real vulnerabilities are higher up the chain. However....

If Coin succeeds, governments will get involved — for the better.

"Noooo!!!" scream the cryptoanarchists who are Coin's pioneers. "Keep the government out of this! Coin can't be controlled! Nobody can take away our freedoms!" What they don't realize is that this attitude doesn't reflect the values of Coin's future users. The benefits of "freedom" matter to the innovators; convenience and safety matter to those who follow.

"Government" in this case could also be a government-size corporation, syndicate, or other entity. The important thing is that it's big enough to administer, back, and enforce initiatives to protect the Coin economy. Whatever that "bully entity" is, Coin adopters will welcome it because of two major flaws currently in (Bit)Coin's design.

First, Coin is ridiculously easy to destroy by accident. If you lose the private cryptographic key that identifies your coin, it's gone. Not just stolen, but removed entirely from the economy, so nobody will ever own it again. Consider these stories on Bitcointalk.org, where within a few messages the cumulative total tops 10,000 BTC — currently valued around a million dollars. A central authority could address this in several ways such as tracking, restitution, etc.. People don't care that their cash is anonymous when the rent money disappears.

Second, the entire system is vulnerable to a brute-force attack. Without getting into the specifics, Coin (well, Bitcoin) works because it assumes that at least 50% of the computer power on the network is held by honest players. But a recent 51% attack on Feathercoin (a Coin with much lower capitalization) showed that it's possible for a single party (or syndicate) to trump that.

Let's do the math for Bitcoin, the Coin with by far the highest capitalization, at just north of USD$1 billion (1 x 10^9). To reliably overwhelm the network, you'd need computing power delivering about 100,000 gigahashes per second. Computers optimized for Bitcoin processing are currently available for about $1,000/gigahash, so sufficient computing power can be bought for $100 million. Electricity cost for the deed would be about $200,000/day.

O.K., it's not something a basement hacker could whip up. But there are over 400 people, and thousands of syndicates with a billion dollars in the U.S. alone. Perhaps at least one of them is crazy enough to drop 1% of the wealth to partially control (or completely destroy) a billion-dollar system. (Hell, one of them recently spent 1/10th of that price tag on his wedding.)

Those are only the two biggest technical concerns. Then there's the galaxy of financial services (such as insurance) that's available for fiat money, but which would be hard or impossible to provision for Coin without a central authority. Time could overcome these barriers; a bully entity would overcome them faster, and with greater public buy-in.

Bitcoin is not the end game.

Along those lines, I don't believe that Bitcoin will be the ultimate winner in this game. It's the 1.0, and a brilliant first effort at that. But it's not perfect, and several pretenders to the throne already claim to fix some of its bugs. In fact, shifting conditions may require periodic issuance of new Coin as a matter of course. (As I said before, I believe such issuances will involve a central authority.)

These predictions all assume that Coin will grow, and there are many reasons it might not. However, I'm bullish on it for the long-term. It's already proven its value in use; the public is used to handling Coin-like money (viz. Square Wallet); and its first major hurdles are in the past. Now it's ready to enter a fascinating future.



- - - - -
Tom Geller (tomgeller.com) writes about technology and business. He's best known for Drupal-related work that includes eight video courses for lynda.com, a book for Peachpit Press, and corporate work for Acquia, Commerce Guys, and others. He first became involved in computers as a grade-school student in 1976, playing "Hunt the Wumpus" on a 100-pound monster that spewed tractor-feed paper onto the floor. He lives in Oberlin, Ohio.

New submitter jhantin writes "The Bitcoin blockchain has forked due to a lurking backward-compatibility issue: versions older than 0.8 do not properly handle blocks larger than about 500k, and Slush's pool mined a 974k block today. The problem is that not all mining operations are on 0.8; blocks are being generated by a mix of several different versions of the daemon, each making its own decision as to which of the two forks is preferable to extend, and older versions refuse to honor or extend from a block of this size. The consensus on #bitcoin-dev is damage control: miners need to mine on pre-0.8 code so the backward-compatible fork will outgrow and thus dominate the compatibility-breaking one; merchants need to stop accepting transactions until the network re-converges on the backward-compatible fork of the chain; and average users can ignore the warning that they are out of sync and need to upgrade." Turns out there's an approximately 512K limit to atomic updates in Berkeley DB which were used by versions prior to 0.8. 0.8 uses a new database, allowing blockchains that old versions won't accept to be created.

hypnosec writes "An attacker managed to access an unencrypted backup of wallet keys and steal 24,000 BTC (worth more than a quarter million USD), following which Bitcoin exchange Bitfloor has been shut down while the investigation of the theft is going on. The attack was carried out sometime last night. In a forum post, Shtylman pleads with Bitcoin users that BitFloor needs their help."

An anonymous reader writes "A fortnight ago the Bitcoin financial website Bitcoinica was hacked and the hacker stole $87,000 worth of Bitcoins. At the time the owner promised that all users would have their Bitcoins and US dollars returned in full, but one of the site developers has just confirmed that they have no database backups and are having difficulty figuring out what everyone's account balance should actually be. A failure of epic proportions for a site holding such large amounts of money."

dynamo52 sends this quote from Ars about a breach involving a Bitcoin exchange: "More than $87,000 worth of the virtual currency known as Bitcoin was stolen after online bandits penetrated servers belonging to Bitcoinica, prompting its operators to temporarily shutter the trading platform to contain the damage. Friday's theft came after hackers accessed Bitcoinica's production servers and depleted its online wallet of 18,547 BTC, as individual Bitcoin units are called, company officials said in a blog post published on Friday. It said the heist affected only a small fraction of Bitcoinica's overall bitcoin deposits and that all withdrawal requests will be honored once the platform reopens." Reader linhares points out a forum post discussing how the attacker(s) hinted at a 'mass leak' in the near future. This attack comes shortly after a leak of a different sort — an FBI document (PDF) about Bitcoin found it way onto the internet. It seems they're worried about the virtual currency's potential use in criminal activities.