Jump to content


Coin tracking


  • Please log in to reply
125 replies to this topic

#41 Saivann Carignan

Saivann Carignan

    Member

  • Lifetime
  • Pip
  • 247 posts
  • LocationQuebec, Canada

Posted 14 November 2013 - 09:10 PM

I am also concerned that this system can be abused, could not be efficient and can represent concrete risks for Bitcoin that shouldn't be ignored. That is why I think these discussions are very important and shouldn't be taboo.

On fungibility, one difference with Bitcoin is that you can't see the money until you irreversibly received it, so you can't refuse it in a traditional sense and the same is true for the people who will receive this money from you. You can't be persecuted for accepting redlisted money. Where I see a real risk for fungibility, however, is that you can be persecuted for spending this money without reporting if you're denounced by the people who will receive money from you.

Another unsolved problem is that I hardly see independent organizations maintaining redlists; third parties generally can't witness crimes or have financial incentives to maintain their list. I am therefore concerned that:

1. Lists would be mainly government maintained.
2. Persecuting users for not reporting will be tempting (complicity).
3. Abusing the system for political reasons will be tempting (and opaque to the public).
Edit: 4. Persecuting miners for processing redlisted coins transactions will be tempting (fully anonymous miners might become more rare as the network scales).

I think we shouldn't automatically reject any idea that could (efficiently) improve this system. Obviously, there is a big difference between discussing and adopting these ideas.

#42 Michael Toomim

Michael Toomim

    Member

  • Members
  • Pip
  • 75 posts

Posted 14 November 2013 - 09:58 PM

We must keep this discussion going! If we can't find a good technical solution, somebody else will make one. And we might not like it.

I'm confident we can creatively code our way through this issue. For instance, what if we created a decentralized, fuzzy redlist, without a central authority deciding which transactions were bad or good? Is there an economic solution to this problem?

If we decide that no decent system is possible, we still need to scope out the possibilities. We need to be one step ahead.

#43 Mike Hearn

Mike Hearn

    Member

  • Lifetime
  • Pip
  • 333 posts

Posted 14 November 2013 - 11:11 PM

View PostPiotr Piasecki (ThePiachu), on 14 November 2013 - 07:55 PM, said:

If you can tell a difference between different coins, you destroy the fungibility of Bitcoin - making them less like money.

You're incorrect, but the reasons are not intuitive, so let's go through this one piece at a time. I'll come back to fungibility at the very end.

Quote

it wouldn't make much sense since rarely would you have purely tainted or pure coins - if someone creates a transaction with 90% pure coins and 10% tainted coins as input, would you consider that transaction as a redlist candidate? How about 99% and 1%? What about block rewards that earned a fee from processing tainted coins? This would be harder to track.

Block rewards obviously wouldn't inherit any kind of marking because at that point, unless the CryptoLocker guys are also mining, the ownership of the coins would have changed hands and the miner doesn't have any info about where the money came from. Dead end, clear the marks and move on.

This does mean that by co-operating with a miner, extortionists would be able to get unmarked. But that's OK. No system is ever bulletproof, it just raises the bar.

What about transactions that mix marked/unmarked inputs - all the outputs get marked too. This may or may not yield any useful clues.

Quote

Moreover, I think the "redlisting" of coins is a slippery slope. Here is how things could progress:    
[*]People start discriminating against tainted coins
[*]Someone from the US government would have the bright idea of redlisting coins that passed through wallets of "terrorist organizations", so say Wikileaks gets redlisted

Stop here - how exactly would the US government do this? Remember that WikiLeaks is generating a new address for each donation. The USG does not know which transactions are donations to WikiLeaks any more than anyone else does. To start their own mark list, they'd have to donate money themselves. But this doesn't help them find out who else donated. What's more, mark lists are only useful if people check them and make reports based on them. If someone turns up at an office building in Sweden and wants to rent an office building, who says the owner would check any US-created list? Who says they would care? Even if they did care for some reason, what would they do? Turn down the offer? If they personally hate WikiLeaks, why not, but then again they probably wouldn't need Bitcoin to tell them they're renting to WL, they'd know that already.

Mark lists are designed to be started by victim reports - how else do you know what to mark? In the case of WikiLeaks, there are no victim reports.

Quote

    
[*]People that don't know better can't tell a difference between coins redlisted for crimes and ones redlisted by politicians for "war on terror", so they discriminate against them both.

But that's not the system I've been thinking about. Separation of lists is very important.

You can say, "governments won't let lists be separated", but "governments will require X" is a prediction you can make for any X, saying that doesn't help move anything forward. I can say, "no they won't" and it turns into a difference of opinion. Who is right? We can't tell because we're debating things that haven't happened.

Let's try and figure out what sort of system we'd like in the absence of any government intervention at all, first. Otherwise we're gonna get one designed by a bunch of regulators, instead of bitcoiners. That would be suboptimal.


OK, let's talk fungibility. Marking is informational. The analogy I thought of earlier today is it's like a wanted poster for the internet. It says, "you might have information that could lead to the capture of this guy, who is very bad, please help". It does not say, "you cannot spend these coins". That wouldn't even be useful. What purpose would such a rule have? It'd only work if you could blacklist coins so quickly, so strongly and with so few false positives that the coins get "stuck" whilst still owned by the bad guy, but that's impossible. There will always be leakage. That's why marking is about gathering of clues and signals that when added together with other hints and evidence, could point someone in the right direction. At that point it doesn't make any difference whether marked coins get spent or not. It's simply irrelevant.

#44 Michael Repplinger

Michael Repplinger

    Member

  • Lifetime
  • Pip
  • 29 posts

Posted 14 November 2013 - 11:18 PM

I am honestly surprised, bordering on appalled, by the largely positive reaction to this proposal.

Then again, I'm completely new here, so I probably shouldn't.

Any such attempt, to create a database of tainted coins to remove them from circulation, is a direct attack on Bitcoin's fungibility. And because of the relative ease with which the property of being tainted can spread (any shared address will do the trick, presumably) or could even be entirely faked ("Bill stole my coins. Mark them as stolen, please." Who will do the detective work on this claim, Bitcoin Police?), Bitcoin's fungibility is not just threatened, but at the real risk of being completely destroyed over time.

There are ways to cooperate with (law enforcement) authorities and try to limit the usefulness of Bitcoin as a tool for criminal activities, but blacklisting coins is not one of them. It is a surefire way to destroy this fantastic little (5B USD) experiment we have going here.

#45 Mike Hearn

Mike Hearn

    Member

  • Lifetime
  • Pip
  • 333 posts

Posted 14 November 2013 - 11:22 PM

Michael, please do elaborate on those other ways you mention. For instance, how do you think CryptoLocker should be tackled.

#46 Michael Repplinger

Michael Repplinger

    Member

  • Lifetime
  • Pip
  • 29 posts

Posted 14 November 2013 - 11:35 PM

View PostMike Hearn, on 14 November 2013 - 11:22 PM, said:

Michael, please do elaborate on those other ways you mention. For instance, how do you think CryptoLocker should be tackled.

The way any worm/malware should be fought? System security, user education, if possible, real world criminal prosecution? But maybe I'm missing the weight of your question.

Here's one question I have yet to see an answer for: Why should Bitcoin, which in many ways resembles, or perhaps can be seen as the next evolutionary step following cash, be held to an entirely different (moral, and legal) standard than cash?

The problems Bitcoin should tackle are ease of transaction, persistency of store of wealth, [more grandiose goals go here], but "making financially motivated crimes near-impossible, at the cost of crippling the core functionality of the currency" is not among them, in my opinion.

#47 Mike Hearn

Mike Hearn

    Member

  • Lifetime
  • Pip
  • 333 posts

Posted 14 November 2013 - 11:45 PM

System security and user education won't solve this problem, just because of the law of large numbers.

Let's say conservatively, there are about a billion people using the internet (the true number is higher these days I think, 1B is the number I used to see some years ago). And let's say about 90% of them use Windows. so that's 900 million.

Let's also say that thanks to brilliant virus scanners, spam filters and super education, 99% of users who are sent CryptoLocker DON'T get infected. But unless Windows goes full iPhone and totally bans unapproved software, no defence system will be perfect: let's say 1% of people get whacked.

So that's 0.01*900,000,000 = 9,000,000    (we can assume that after a few years everyone got mailed at least one scam mail with CL attached just because it's free to send)

How many Bitcoin users do you think there are in total, today? 1 million? With a generous definition of "user", perhaps a bit more.

No matter which way I slice these numbers, it seems left unchecked CL could grow at least as fast or faster than Bitcoin itself, to the point that there are more victims than genuine users. And let's face it, 99% of people are not protected.

You say, "real world criminal prosecution" but to prosecute you must find, and I don't see a good way to track these people down. That's kind of the point of exploring this topic.

Quote

Here's one question I have yet to see an answer for: Why should Bitcoin, which in many ways resembles, or perhaps can be seen as the next evolutionary step following cash, be held to an entirely different (moral, and legal) standard than cash?

What makes you think cash is held to a different standard? You realise that cash is not 100% fungible, right? If you're found to have forged money, you lose it, even if it's not your fault. And that really sucks because counterfeit currency is not really a rare problem. In the Economist today there is a story saying 1 in 4000 British bank notes are fake!

What's more, if you turn up at a bank with a giant pile of cash, or indeed at a real estate agent, they are expected to treat that carefully and possibly file reports if it seems suspicious.

So cash is not fungible, it's actually very much non-fungible, as anyone who tries to spend large amounts of it at once will discover.

However, I don't think we need to hurt Bitcoin's fungibility to find bad guys and make them prosecutable. See my reply to Piotr for why I think that.

#48 Michael Repplinger

Michael Repplinger

    Member

  • Lifetime
  • Pip
  • 29 posts

Posted 14 November 2013 - 11:56 PM

Only have limited time now, I'll re-join the discussion tomorrow. Just two brief remarks:

re: CryptoLocker. The problem with those extrapolations is that they sound about right, maybe they will turn out to be right, but they are very much 'back of the napkin' calculations. I would rather not risk core functionality of Bitcoin to combat a problem that is real, but far from certain to be catastrophic. How exactly is CryptoLocker different from any of the other malware that has been plagueing average users for more than the past decade, causing significant damage, but ultimately not being any threat to the system itself (be it Internet usage in general, online banking, etc.).

re: fungibility. The counterfeit argument is a strawman. Counterfeit money is by definition not real money, so it is not a limitation of fungibility of the actual currency. Also, you will note that I didn't simply say blacklisting coins will limit fungibility, I argued that, because of the ease with which the property of being marked as "used in criminal activity" can spread, it is an actual risk that diminish fungibility enough to make Bitcoin unusable.

#49 Olivier Janssens

Olivier Janssens

    Member

  • Lifetime
  • Pip
  • 131 posts

Posted 15 November 2013 - 12:00 AM

Mike, bitcoin will be abused by much worse things than cryptolocker.  Do you know which heinous crimes were done and are being done, and paid with cash? While you think you can't walk inside a bank - trust me, it's being laundered with billions per day in other creative ways.  If you want to use bitcoin to solve that problem, you joined the wrong company. I can't even believe that you are even thinking about this to be honest.  I think you should be removed from the board for even considering this.  You are actively promoting the end of bitcoin.  Don't think you will get away with it, the protocol will change soon so coins will be mixed and made untraceable/anonymous even more.  If you try to push this to government you will only shoot yourself in the foot, noone will stand for it.

Also, did you read this? https://bitcointalk....?topic=333882.0

http://www.forbes.co...oin-validation/

Its based on significant misunderstanding about bitcoins value proposition - destroy its fungibility and the costs float up to meet credit cards and paypal.

It is also a ridiculous approach.  If they want to certify users, they should do that as optional KYC, AML certificates that regulated merchants in respective jurisdictions can request, which could be attached to wallets/identities, not to fully fungible coins.  The certificates should be non-transitive they attest to the identity of the user, not the coins.  They should be optionally sent - if the recipient does not request it, it is privacy destructive and a security risk to send identifying information to unregulated businesses and individuals.

Their technical representatives of Coin Validation should be ashamed.  How can someone who doesnt understand a concept as basic as fungibility and its relation to transaction costs, and the difference between identity and coins hope to exist in this ecosystem.  

What they are proposing so far at least as explained by the Forbes article is stupid, dangerous and just wrong.  

I am also incensed frankly that someone would step into the market with such a muddle-headed thinking, and attempt to sabotage or destroy the core bitcoin feature that gives its value, where the value has been created by Satoshi and a cast of millions of man-hours of contributions of the community and technical wizards developing it mostly on volunteer time.  I am not someone prone to swearing, but this is astonishingly stupid and dangerous.   Please stop now.  In the article it is claimed they sought advice from the Winklevoss twins, if the twins value their estimated $30million bitcoin holding they should advise them to stop: if fungibility is destroyed bitcoins value as a transaction currency is impacted.  

I encourage anyone with technical skills to put their thinking caps on to find ways to increase fungibility in the short term like CoinJoin, coin control in wallets, helping less technical people migrate to better wallets, educating people about privacy practices that defend fungibility.  And longer term privacy technologies like zero coin, homomorphic encrypted value and committed (hidden) transactions.

I encourage all bitcoin businesses to shun Coin Validation unless we see some major U-turn or corrections.  If your business depends on the success bitcoin, it depends on the fungibility of bitcoin, and Coin Validation seem to be set on destroying both.

You can quote me on that.

I welcome Coin Validations corrections of the claims in the Forbes article.  Tell me you were misquoted.

Adam

ps For people who have no idea who http://cypherspace.org/adam/ I am https://bitcointalk....25463.msg237167 , my small part in bitcoin is I invented distributed mining in 1997 https://en.bitcoin.it/wiki/Hashcash (you can find the reference in Satoshi's paper) and worked on opensource ecash & crypto currency research & implementation for about a decade alongside Wei Dai & Hal Finney & others.

#50 Christophe Biocca

Christophe Biocca

    Member

  • Members
  • Pip
  • 19 posts

Posted 15 November 2013 - 12:27 AM

There's actually two issues at stake here:
The first is the question of having a way for someone who has paid bitcoins under duress, or had them stolen, to tell others about it, so that those of us who sympathize and want to help (or are required by law to help) can help provide information about the inputs they received, to help track down the original criminal.
In a perfectly voluntary world, I can see such a system being a great idea in theory: The more horrible the crime, the more likely everyone in the chain is willing to cooperate with tracking down the originator. There's still the issue of how such lists are constructed, and how the credibility of the victims is established, but multiple competing lists could keep the process honest (the way spam filter lists work). In the absence of a legal obligation to cooperate, this system works pretty nicely.

The second issue is that we do not live in anything close to a voluntary world, or even one in which governments limit the scope of their authority.
A government would almost immediately spawn their own redlist, and make it a requirement for all businesses to use it.
As you mention, they wouldn't be able to mark "Wikileaks's addresses" directly. What they can do however is mark all addresses as tainted. Every single one. Then the moment I spend any money, the merchant has to report information on my person to the redlist operator (my government). This very quickly removes privacy from the system. Essentially, a redlist system can be expanded by legal authorities to be mostly indistinguishable from CoinValidation's own proposal (by making 'marked' the default state of any funds). The cooperation we've seen between intelligence agencies tells me that we can reasonably assume the results of such a fishing expedition would be shared between most countries.

Nothing we do affects the feasability of this approach from the government. They could mandate it right now, and we can't stop it from coming into existence.
But I would be wary of building the tools you proposed, precisely because that would be making their task easier. Maybe we can actually build it once the threat has subsided due to (insert libertarian utopia of your choice here).

Now I disagree with those who are calling for your head, it seems they're getting a little spooked at how easily such a scheme could come into existence. Let's not shoot the messenger, especially when he's limited himself to a theoretical discussion. There's plenty of people who actually deserve our ire (the CoinValidation thing is positively vile, and they're openly trying to get legislators on their side).

#51 Christophe Biocca

Christophe Biocca

    Member

  • Members
  • Pip
  • 19 posts

Posted 15 November 2013 - 12:51 AM

I figured I'd throw in some comments about the worst case scenario as well:
Assume that this redlist idea is implemented, taken to the extreme ('marked' by default) and legally required on the entire planet. What's the net effect?

It splits coins into two categories: white market and grey market. White market coins are tied to identities very strongly, and are the only way you can buy from law-abiding merchants. Grey market coins are no longer in the possession of any known actors, but they still are usable (barring core protocol changes). It's pretty easy to move funds from white market to the grey market (coinjoin, reminting through transaction fees, zerocoin). But moving money in the other direction exposes you to scrutiny. Where does that leave us?

Well that's the situation with regular money today! I can take cash out in large quantities, and go buy grey market goods trivially, but the guy I buy from won't be able to use it to pay his mortgage without jumping through hoops. Of course bitcoin makes this divide even more stark (since it tracks funds perfectly), but it's the same fundamental stituation. And unlike the regular financial system, grey market bitcoins would preserve almost all of their attractive properties (instant transfer, divisibility, security). They'd just trade at a discount relative to the clean coins (based on how hard it is to launder them).

TLDR: While not desirable, the worst-case outcome of this doesn't kill bitcoin, not even close.

#52 Olivier Janssens

Olivier Janssens

    Member

  • Lifetime
  • Pip
  • 131 posts

Posted 15 November 2013 - 01:17 AM

Deep concern about the foundation's chairman of Law and Policy (Mike Hearn) pushing for coin taint: https://bitcoinfound...for-coin-taint/

Topic there includes votes from the community.

#53 Charles Hoskinson

Charles Hoskinson

    member

  • Members
  • Pip
  • 243 posts
  • LocationBoulder, Colorado

Posted 15 November 2013 - 01:28 AM

I have the utmost respect for Adam Back and have followed his work since the early 00s. Satoshi Nakamoto also had the utmost respect for him and even chose to use hashcash as the foundation of Bitcoin. I believe his statements stand for themselves.

Fungibility is inconvenient for governments, but it's what I signed up for when I came here. And don't say make an altcoin, Mike the protoshares model can be applied to bitcoin without much difficulty.

#54 Lyndsy Simon

Lyndsy Simon

    Member

  • Former Member
  • Pip
  • 3 posts
  • LocationCharlottesville, VA

Posted 15 November 2013 - 04:20 AM

I've not yet read this thread in its entirety, but I will as soon as I can.

I came here this evening because I knew there would be a thread on tainted coins in light of the launch of CoinValidation. I wanted to make it know that I am strongly opposed to any action that threatens the fungibility (real or perceived) of Bitcoin.

#55 John Stahl

John Stahl

    Member

  • Members
  • Pip
  • 26 posts

Posted 15 November 2013 - 04:41 AM

I wish that all of the Law and Policy Committee threads got this much attention. There are quite a few topics that I see as more important to developing into comprehensive positions(see links below for some samples) but unfortunately they don't draw the same level of attention as this topic. Someone says "coin tracking" and Bitcoin Foundation" in the same sentence and things get weird fast.

As far as the Mike's original discussion prompt, I have (of course) a short response and a long response

Short:
  • If the Bitcoin Foundation is to arrive at a coherent policy on the subject of coin tracking/tainting, it should follow along the same lines as what Jeff Garzik previously outlined, "On stolen coins and transaction blacklists." To oversimplify and pick one quote out of the article, "Stolen coins are fundamentally a legal, not technical concept." (There's so much more, I hope everyone reads his full post but this is the "short" response.) All in favor say aye? "Aye."
  • Let's not make the mistake of reinforcing any perception that bitcoin is intertwined with crime and nefarious activity. Our response to the use of bitcoin by people engaged in "anti-social" behavior should be "bitcoin is a protocol/network/whatnot that is agnostic to who uses it so long as that use is compatible with its basic operation, now go be better at law enforcement and catch the bad guys. We'll be over here coding and feeding homeless people with this awesome new technology."
Long:
  • CryptoLocker and its ilk are not "bitcoin problems." Transaction fees, block size, double-spends, these are bitcoin problems.  It's not even a "second degree" bitcoin problem like Money Transmission and KYC laws, or banking embargoes. It's as much a bitcoin problem as it is an email problem.  I despise people who victimize others. CryptoLocker is horrible, and I want to eradicate it. The good news is that there are technological and social means to defeat CryptoLocker and other harmful tools. The bad news is that this is a human/social problem, not a technological one. A percentage of the global population has and will continue to consistently victimize people using the means at their disposal. More good news: the same platforms that allow CryptoLocker to harm people also enables tools that neutralize it. (See Brian Krebs' writeup)
  • Coin tracking is not a Bitcoin Foundation issue. As a thought leader, our organization may have a position on the subject(see  first bullet point of my "Short" response for what I think that position should be), and we can be in favor/against/neutral, but our position will remain just that, a position, its power enforced by peer pressure. Coin tracking, and the problems it is intended to solve are, I believe, outside of our purview. There are people and organizations dedicated to solving those problems. I'm pretty sure they're WAY ahead of us in building those solutions.
  • We're a non-profit organization encouraging the development and use of an open source software project. Let's focus on ensuring that bitcoin remains solid at the core level, work to reduce the barriers to use by providing comprehensive educational material and showing that bitcoin provides a wide range of benefits for consumers, and everyone else(see proposed position papers below, and add to them!)
  • "We are determined to keep Bitcoin rooted in its core principles: non-political economy, openness and independence." From our "About" page.
  • Read Jeff Garzik's article, I'm tired.
Mike, I'm sorry your thought prompt got turned into "BURN THE WITCH!" I think there may be a confusion between a free exchange of ideas on a relevant topic and a decree. I appreciate that there has been some productive conversation on the subject, and I think it exposes what seems to be a raw nerve.

In summary, and staying on topic, I think that if we decide that we need a formal position on coin tracking it should be that we recognize that it will happen, it's not in our realm of responsibility.

PSA, there's a lot of topics that I think are more time-sensitive that need to be developed and built into coherent positions that we can present to the public. Links below.


Positions that need to be written
Position M.1 - Miners should not be considered money transmitters or MSBs
Position C.1 - Selectively mediated transactions are good for consumer protection
Commodity? Currency? Something else?

#56 Barry Stinson

Barry Stinson

    Member

  • Members
  • Pip
  • 20 posts

Posted 15 November 2013 - 05:09 AM

Given this is the "Law and Policy" committee, there has been scant discussion given to the real world legal impacts such a coin-tainting scheme would have.

You do realize that this would be a massive legal liability thrust upon most merchants? Oh, so you sold them the hamburger even though your BTC client said there was a 84% degree of coin-taint? What...you mean you by company policy don't even check that because you think its a "voluntary" part of the client? So accepting stolen goods is a "company policy"?

The simple fact is, given the litigious  nature of the modern world, the inclusion of such a "feature" would have debilitating effects.

I think everyone appreciates Mike's bringing this topic up, and his desire to eradicate CryptoLocker, but Bitcoin is *absolutely* the wrong square peg to try and nail into that round hole.

From a strategic perspective, trying to make envision ways Bitcoin can be more like Paypal plays to their strength.

#57 Shawn Wilkinson

Shawn Wilkinson

    Member

  • Lifetime
  • Pip
  • 16 posts

Posted 15 November 2013 - 05:53 AM

At its core we must think of Bitcoin as a protocol. As long as a transaction is valid, it should be propagated through the network, and written in the blockchain. No questions asked. We understand that some might abuse the system, but that is the cost of doing business. Imagine if we proposed a redlist for TCP/IP instead. "This user visited 20% gambling sites, 10% adult sites, etc." No one would be comfortable with that proposition.

As John Stahl stated, while terrible this is not Bitcoin's problem. We are not the global money police. Furthermore, I think the userbase understands the worst case scenario in terms of fungibility. Any coin client that implemented coin tracking would simply be abandoned, so I highly doubt that anyone will write code for this.

#58 Piotr Piasecki (ThePiachu)

Piotr Piasecki (ThePiachu)

    Member

  • Lifetime
  • Pip
  • 128 posts

Posted 15 November 2013 - 06:22 AM

View PostMike Hearn, on 14 November 2013 - 11:11 PM, said:

Block rewards obviously wouldn't inherit any kind of marking because at that point, unless the CryptoLocker guys are also mining, the ownership of the coins would have changed hands and the miner doesn't have any info about where the money came from. Dead end, clear the marks and move on.

This does mean that by co-operating with a miner, extortionists would be able to get unmarked. But that's OK. No system is ever bulletproof, it just raises the bar.

Someone would try starting some block washing service where people would start sending transaction with higher fees just to wash them for a piece of clean coinbase transaction. Already the issue of washing coins by buying hashing power is pretty easy. Making something like this a clear way out pokes big holes in the system.



View PostMike Hearn, on 14 November 2013 - 11:11 PM, said:

What about transactions that mix marked/unmarked inputs - all the outputs get marked too. This may or may not yield any useful clues.
Go onto some popular faucet website, or some social media site or anything, stand on a barrel and start tossing out coins to swarming masses of beggars. Everyone would be happy to get your tainted coins and mix them up with their normal money inflating the amount of tainted coins to high levels.


View PostMike Hearn, on 14 November 2013 - 11:11 PM, said:

Stop here - how exactly would the US government do this? Remember that WikiLeaks is generating a new address for each donation. The USG does not know which transactions are donations to WikiLeaks any more than anyone else does. To start their own mark list, they'd have to donate money themselves. But this doesn't help them find out who else donated. What's more, mark lists are only useful if people check them and make reports based on them. If someone turns up at an office building in Sweden and wants to rent an office building, who says the owner would check any US-created list? Who says they would care? Even if they did care for some reason, what would they do? Turn down the offer? If they personally hate WikiLeaks, why not, but then again they probably wouldn't need Bitcoin to tell them they're renting to WL, they'd know that already.

Mark lists are designed to be started by victim reports - how else do you know what to mark? In the case of WikiLeaks, there are no victim reports.

"Oh hello there owner of the redlist. Here is a gag order for you to keep this conversation secret. You see, there is this organization that is leaking government information in an act of treason. Here is a warrant for you to redlist those addresses. If you don't comply, we will be forced to assume you are aiding the terrorists in getting their money and take you to court and put you away for treason as well." RememberLavabit?

As it goes, if the redlist is supposed to be successful, people will need to make it global. Global usually means "run in the US", which means "controlled by the US". If you have multiple redlists, they are worthless - people could just trade coins redlisted under list A for those redlisted under list B as long as A is green under B and vice versa.

#59 Piotr Piasecki (ThePiachu)

Piotr Piasecki (ThePiachu)

    Member

  • Lifetime
  • Pip
  • 128 posts

Posted 15 November 2013 - 06:22 AM

View PostMike Hearn, on 14 November 2013 - 11:11 PM, said:

Block rewards obviously wouldn't inherit any kind of marking because at that point, unless the CryptoLocker guys are also mining, the ownership of the coins would have changed hands and the miner doesn't have any info about where the money came from. Dead end, clear the marks and move on.

This does mean that by co-operating with a miner, extortionists would be able to get unmarked. But that's OK. No system is ever bulletproof, it just raises the bar.

Someone would try starting some block washing service where people would start sending transaction with higher fees just to wash them for a piece of clean coinbase transaction. Already the issue of washing coins by buying hashing power is pretty easy. Making something like this a clear way out pokes big holes in the system.



View PostMike Hearn, on 14 November 2013 - 11:11 PM, said:

What about transactions that mix marked/unmarked inputs - all the outputs get marked too. This may or may not yield any useful clues.
Go onto some popular faucet website, or some social media site or anything, stand on a barrel and start tossing out coins to swarming masses of beggars. Everyone would be happy to get your tainted coins and mix them up with their normal money inflating the amount of tainted coins to high levels.


View PostMike Hearn, on 14 November 2013 - 11:11 PM, said:

Stop here - how exactly would the US government do this? Remember that WikiLeaks is generating a new address for each donation. The USG does not know which transactions are donations to WikiLeaks any more than anyone else does. To start their own mark list, they'd have to donate money themselves. But this doesn't help them find out who else donated. What's more, mark lists are only useful if people check them and make reports based on them. If someone turns up at an office building in Sweden and wants to rent an office building, who says the owner would check any US-created list? Who says they would care? Even if they did care for some reason, what would they do? Turn down the offer? If they personally hate WikiLeaks, why not, but then again they probably wouldn't need Bitcoin to tell them they're renting to WL, they'd know that already.

Mark lists are designed to be started by victim reports - how else do you know what to mark? In the case of WikiLeaks, there are no victim reports.

"Oh hello there owner of the redlist. Here is a gag order for you to keep this conversation secret. You see, there is this organization that is leaking government information in an act of treason. Here is a warrant for you to redlist those addresses. If you don't comply, we will be forced to assume you are aiding the terrorists in getting their money and take you to court and put you away for treason as well." RememberLavabit?

As it goes, if the redlist is supposed to be successful, people will need to make it global. Global usually means "run in the US", which means "controlled by the US". If you have multiple redlists, they are worthless - people could just trade coins redlisted under list A for those redlisted under list B as long as A is green under B and vice versa.

#60 Saivann Carignan

Saivann Carignan

    Member

  • Lifetime
  • Pip
  • 247 posts
  • LocationQuebec, Canada

Posted 15 November 2013 - 06:30 AM

John Stahl : Just a suggestion, wouldn't the famous "90% of dollar bills carry traces of cocaine" quote be an interesting example somewhere of what is fungibility and why it is essential? Along with the neutrality of technology arguments ( emails don't prevent you from sending Cryptolocker, computers are not defect because they let you open cryptolocker.exe ).

All in all, regarding the initial example of this thread, I think Cryptolocker indeed is a problem that cannot be ignored. As opposed to other usual forms of crime, there is no "physical hook" that can be used to investigate and restrict these harmful activities. Should they grow without restrictions, it is possible that Bitcoin will lose a lot of its users and be marginalized, further more as governements will adopt an increasingly severe stance and as merchants will want not to be associated with Bitcoin anymore.