#bitcoin is amazingly resilient. Even if an attacker broke the code or we suffered a nuclear war that bombed us back to the stone age, the UTXO set would be recovered and bitcoin would come back online with existing holders largely being unaffected.

HOWEVER...
If I was a central banker my focus would not be on attacking the network, but on discrediting the UTXO set itself.

This might actually be cost effective given the sad state of self custody.

...
A small number of generally poorly funded and incompetent startups are trusted to secure significant sums of bitcoin in hardware wallets or solutions like Casa.

This is even worse because much of the bitcoin is being held by blatantly custodial services.

...
It is easy to understand how a well funded attacker could destroy the "reputation" of the bitcoin UTXO set by going after custodial services. Simply confiscate the bitcoin or otherwise cause chaos with balances (randomly move funds from one account to another).

...
But what about things like hardware wallets, closed source wallets (Casa), phone wallets, etc?

@RobertSpigler and Greg Maxwell cover this pretty well here: github.com/JWWeatherman/y…

...
As a simple example let's look at random number generation. The 24 words you write down give you total control of your bitcoin, but only if those words are actually random.

It would be incredibly hard to cause bitcoin core to generate non-random words because

...
It is open source and there are many competent people watching for a flaw like this in the open source code. People download software from a few major locations and there are people downloading regularly from random locations and checking that there is no funny business

...
But this is not true with the most popular ways to store large amounts of bitcoin. Some are blatantly closed source, some are worse because the end user doesn't even install the software (it is installed for them by the hardware wallet seller).

...
The net of this is that for a few billion dollars (maybe much less) you could ensure that a significant number of people that believe they have control of their bitcoin do not.

Because the end user has no way of being sure that their words are randomly generated.

...
What is the response of the people who don't want us to be concerned about this?

Primarily it is "that's a dumb complaint because it is possible to do something else like use dice."

This is a very stupid argument so it is important to ask why it is being made at all.

...
It is stupid because everyone knows most people follow the "golden path." They rely upon the software creator to guide them through a reasonable setup. They accept the defaults (that is why software has defaults to encourage *default* behavior).

So why make this argument?

...
Because they are trying to deceive you. This is an obvious fact.

Why are they trying to do that? Here we must guess. Maybe just to sell product, but maybe because they are well funded and intend to exploit this flaw and steal your bitcoin in the future.

...
Remember this issue is not about the possibility of doing something safe with a given product - it is about the possibility of an attack on the credibility of the UTXO set designed to make bitcoin fail.

Your keys might be safe.

...
But your bitcoin can become worthless if enough other people get ripped off and the credibility of the UTXO is compromised.

I do not think this will succeed if it is being attempted (I covered it in 2017 on 10hoursofbitcoin.com) and I do not know if it is being attempted.

...
But I do know that if I had substantial budget I would try it. I can't think of any better approach and even if it fails and bitcoin's reputation isn't tarnished enough to let my central bank continue to print money for another thousand years I do think I could break even.

...
Because if I can steal enough bitcoin that can pay for the entire operation. So let's talk about how we might attempt this.

One aspect of this attack would be funding companies that control (because of these security flaws) a substantial amount of bitcoin.

...
This is standard practice. Many governments fund technology startups openly and secretly:

businessinsider.com/companies-fund…

...
This would put you in direct "influence" over the company. From there you only need to get a couple key employees hired and you are in position to push in security flaws. These flaws could simply be inserted in 1 out of 10 of the hardware wallets you ship

...
Or you could use the access you have to cross reference the shipping address with people that are not technical, but have a high net worth (this is a 2 minute task at most if you are one of the tens of thousands of people with access).

...
Now what would you do? You wouldn't want to exploit these flaws immediately. You might know the seed words to 3 billion in bitcoin, but that does not mean you should move the funds immediately.

...
Instead you should probably coordinate this attack with other operations for maximum impact. Maybe at the same time you exploit a denial of service bug in the network, have some countries ban bitcoin in response to a false flag (yes these are also pretty standard).

...
You also don't primarily want to steal funds. You want to create distrust in the UTXO set. So ideally you steal funds over as long a period as possible without the victims moving the funds first. Why?

...
Because if on Tuesday at 3pm you steal everyone's bitcoin you leave a clean UTXO history that is trustworthy. This would certainly result in a hard fork and would be damaging, but one fork or the other would eventually emerge victorious and your goal is destruction.

...
So to discredit the transaction history optimally you want to start slow and build up to the knowledge that you have compromised a lot of bitcoin storage.

In that case a hard fork might occur anyway, but it would be unclear what point in time is most reasonable.

...
What is the countermeasure for this attack? Simple. Competent people must encourage everyone to use free and open source software. We must encourage installing the software that generates seeds yourself.

Is it too hard?

...
No, it is as easy to install bitcoin core as Microsoft Word (probably easier). And we only need people to do it if they are storing a lot of bitcoin. As I've said for years if you have less than 10k in bitcoin something like @bluewalletio or Green by @Blockstream is fine.

...
Again this is an easily debunked and verified lie. So why are people telling you it is difficult? That your only options are to go custodial or use something that is susceptible to this attack?

I don't know.

...
But I do know I care about the world my children and grandchildren will inherit and I do think bitcoin is our best present hope for avoiding the dystopia we all see on the horizon.

(end)
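
An added example, not part of the original thread: the thread's point that an end user cannot tell whether a device's 24 words are random can be checked independently by supplying your own entropy and recomputing the BIP39 word indices on a separate offline machine with open source code. Hashing the dice-roll string with SHA-256 is this example's assumption, and the function names are hypothetical; the indices map to the published BIP39 word list (index 0 is "abandon").

```python
import hashlib
import math


def dice_to_entropy(rolls: str) -> bytes:
    """Turn a string of six-sided dice rolls ('1'-'6') into 32 bytes of entropy."""
    if not rolls or any(c not in "123456" for c in rolls):
        raise ValueError("rolls must contain only the digits 1-6")
    # A fair roll carries log2(6) ~ 2.585 bits, so 256 bits needs 100 rolls.
    if len(rolls) * math.log2(6) < 256:
        raise ValueError("need at least 100 rolls for a 24-word seed")
    # Assumption of this example: condense the rolls with SHA-256.
    return hashlib.sha256(rolls.encode("ascii")).digest()


def bip39_indices(entropy: bytes) -> list:
    """Return the BIP39 word indices (0-2047) for 16 to 32 bytes of entropy."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32  # BIP39: one checksum bit per 32 entropy bits
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11  # 24 words for 256 bits
    return [(value >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def seed_matches(entropy: bytes, shown_indices: list) -> bool:
    """True if the words a wallet displayed are the ones this entropy implies."""
    return bip39_indices(entropy) == list(shown_indices)


if __name__ == "__main__":
    # Constructed sample input: 100 rolls typed in by hand (not a real seed).
    sample_rolls = "3516242531" * 10
    indices = bip39_indices(dice_to_entropy(sample_rolls))
    print(len(indices), "word indices:", indices)
```

If the words a wallet derives from the same rolls differ from the indices computed here, the wallet is not deriving the seed from the entropy you supplied.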
