Binance Hack SAFU and BTC Rollback
View this post on Hive: Binance Hack SAFU and BTC Rollback
5 years ago in #binance by abitcoinskeptic (73)
$33.30
- Past Payouts $33.30, 0.00 TRX
- - Author $25.27, 0.00 TRX
- - Curators $8.03, 0.00 TRX
Wow what an article. So much insight and good advice we all should follow to keep as safe as possible
It amazes me there have not been more hacks with all the open source and distributed nature of it all.
I have play money on exchanges but prefer paper wallets and 2fa wallets.
There will be more no doubt.
Posted using Partiko iOS
I think there are a lot more hacks. I imagine it happens a lot but they are quiet when its only a few thousand dollars . Just search binance reddit people get phished and have their accounts drained all the time.
Binance goes case by case when it is one person because it is difficult to prove.
These guys were just did hundreds or thousands all at once, but it also means they can't use the crypto. It's difficult to imagine what their purpose is because they probably know it.
Posted using Partiko Android
Binance does have a convert dust option, to convert dust to BNB...
Anyway, I think that things have gotten a bit out of control with the BTC rollback. I think it was a casual question on Twitter, and a casual answer. Exchanges do have to consider every possibility... anyway, I'm glad that it was Binance that brought this "solution" to the surface. The fact that perhaps 6-10 confirmations is not really enough for a probabilistic chain to have a decently trusted finality for large transfers.... as those coins can be reallocated to miners as "reward" if the private keys of the originating address are revealed.
I did find the idea quite entertaining from an abstract point of view... as did many others... however, from a practical point of view, it might be a good idea for the implementation of a checkpointing system?
Anyway, they are tracking it.... last news was that it has been partially split into seven different wallets (with the majority staying in the original exfiltration wallet).
I agree the rollback was blown out of proportion, but immediately after a hack isn't the time for that discussion. I definitely think it was reactionary and poorly thought out Tweet.
CZ can and will do as he wishes with BNB because it is barely decentralized. However to take that approach with BTC is not possible.
Any change to btc requires months of discussion and general consensus or it will fail. This is good imo, and why it is still no.1 despite all the imperfections.
He got hacked because he keeps millions of dollars of liquid btc on his exchange. He could very well keep it all in cold stoage and make people wait a week to take out anything. I think an insured vault system would be interesting. A lot of people don't want any risk or responsibility or inconvenience and he makes money on this.
There are a lot of proposals to change btc, its a slow process but well thought out. Lots of people have and will make better blockchains, but i think a one sized fits all blickchain is a bad idea.
Posted using Partiko Android
They hit the hot wallets of the exchange... I think they really can't make people wait that long! If banks did that with fiat, there would be blood on the streets!
Anyway, I think the interesting part is that it does reveal a weakness in the current game theory architecture that secures Bitcoin. That a bad actor with enough bitcoin can unilaterally rebalance the economic incentives for the miners....and that we have to rely on the mining pool to do the right thing. Now, if the bad actor is invested in the long term future of the chain, then game theory incentive is to NOT do this. However, if a bad actor is NOT interested in the long term survival of the chain then it is a big problem. Even more so, as it is not a hard fork... But a reorg.
I think you are right. If a powerful block with a ton of computing power like China, Europe, or USA wanted to bring down BTC, they may be able to in theory. However, people could just reorg anything they did after the attack is done. Besides, I don't think they would bother until it is a massive threat to their economy because as you mentioned it won't actually give them a positive benefit and more likely eliminate a negative one. Also, it will probably allow analysists too much insight into their computing techniques and strenghts to risk it.
I do wonder how they can manage to make it take less time to withdraw without it being dangerous.
I think limiting APIs for withdraw would be an obvious idea. If you are engaged in arbitrage (giving your transfer key to 3rd parties), you don't get protection when hacked. BTC may be able to implement their own protective system.
I would only support a decentralized solution. I am still not sure how that would work.
One thing I could see is set up a kind of timed lock. For example if I hit 21st day of month or lock for 6 weeks, it is impossible to reverse. Allow people to set it for up to 1 year. That means those who want to keep it and forget it can.
Hey @abitcoinskeptic
We checked out your article and we think it is high quality content. Hobo Media has created the Hobo token to support decentralized journalism, think of it like a global currency for everything journalism.
We have decided to donate 5000 Hobo tokens (ticker: HBO) to your work. You can find your tokens on the Keychain wallet in the token area.
Want more tokens? Just following @hobo.media gets you another 100 HBO free, plus you can delegate 5+ SP to us for monthly Hobo token rewards.
Best wishes,
Hobo Media
Thank you @hobo.media
Posted using Partiko Android
Congratulations @abitcoinskeptic! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :
You can view your badges on your Steem Board and compare to others on the Steem Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPTo support your work, I also upvoted your post!
Do not miss the last post from @steemitboard:
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
To listen to the audio version of this article click on the play image.
Brought to you by @tts. If you find it useful please consider upvoting this reply.
Congratulations! Your post has been selected as a daily Steemit truffle! It is listed on rank 17 of all contributions awarded today. You can find the TOP DAILY TRUFFLE PICKS HERE.
I upvoted your contribution because to my mind your post is at least 7 SBD worth and should receive 221 votes. It's now up to the lovely Steemit community to make this come true.
I am
TrufflePig, an Artificial Intelligence Bot that helps minnows and content curators using Machine Learning. If you are curious how I select content, you can find an explanation here!Have a nice day and sincerely yours,
TrufflePigI read about the hack on Binance the other day. 40 million all gone just like that and impossible to track down. In cases like these I don't hear any news with the authorities getting involved. Inspite of it, BTC is breaking the resistance levels in pricing.
... just a clarification, they are tracking it...
That is good to hear. I guess the just don't provide too much information on the investigation.
You got a 37.81% upvote from @ocdb courtesy of @abitcoinskeptic! :)
@ocdb is a non-profit bidbot for whitelisted Steemians, current max bid is 20 SBD and the equivalent amount in STEEM.
Check our website https://thegoodwhales.io/ for the whitelist, queue and delegation info. Join our Discord channel for more information.
If you like what @ocd does, consider voting for ocd-witness through SteemConnect or on the Steemit Witnesses page. :)
Hi @abitcoinskeptic!
Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your UA account score is currently 3.453 which ranks you at #6562 across all Steem accounts.
Your rank has dropped 43 places in the last three days (old rank 6519).
In our last Algorithmic Curation Round, consisting of 166 contributions, your post is ranked at #63.
Evaluation of your UA score:
Feel free to join our @steem-ua Discord server
There needs to be a way to roll back and undo theft, especially on blockchains when all transactions are recorded. It sounds like there was a possible mechanism here, that wasn't used, but such mechanisms should always be used in case of theft. Crypto's culture seems to be unrealistic in these cases.
Proud member of #powerhousecreatives
Right. I think that is what CZ was actuallty talking about. The time to discuss it is before the hack, not immediately after when panicking.
I think on some of the more centralized chains it will be possible. And insured chains like this should exist.
Also insurance is an option. If you allow Binance to keep your bitcoins, they are insured until they aren't.
Unfortunately since it wasn't actually a problem with the chain, the chain itself isn't responsible so miners won't agree to a rollback. Besides, people will just say they were hacked when they lost stuff. Who will pay and what will the obligations of thebaccused be? What kinds of conditions, etc. There is a lot of discussion that needs to happen.
Then there is the key issue. The current price of BTC is a reflection of the current amount of bitcoins in circulation divided by the 23 million possible bitcoins. Then all the bitcoins know to be lost, burned and useless because stolen, etc. Is subtracted from that.
If all of those were recovered, it wouldn't really be fair to those who paid a premium.
It is nice that the blockchain keeps track of everything, but at the same time for the rest of existence, CZ will know where his stolen money is and will never be able to do anything about it. It's similar to these people who lost their private keys, they simply cannot forget and cannot pretend something else may have happened.
Posted using Partiko Android