Catching thieves: Network Jury? Account blacklist? Additional TX script commands?

-2

When someone steals 25,000 BTC from a single user, everyone on the network can just watch the coins move around the public ledger, but no one can do anything about it.

Can't we do something about it? Can we as a community blacklist the thief's account? Or put out an "all-points-bulletin" to flag transactions using the thief's address?

Maybe new script commands can be added to the transaction outputs that require a second signature, 24 hours after the first one, to be valid? If someone gets jacked, they can just wait out the 24 hours and the illegal transaction will cease to exist?

pinhead

Posted 2013-04-12T23:46:04.233

Reputation: 2 356

TLDR: No, because bitcoins, in this aspect, are like cash. – o0'. – 2013-04-13T14:59:04.400

Hi user1653320, welcome to the Bitcoin stack exchange! The reason your question is being downvoted and marked for potential closure is that it reads more like suggestion than a question of fact (which is the purpose of this site). Perhaps you could rephrase it as a question about what is technically possible? If it is more of a "hey let's do something about this" then there are better sites for that--this one is primarily about collecting answers to factual questions for reference purpose. – eMansipater – 2013-04-14T19:27:31.417

Answers

Can't we do something about it? Can we as a community blacklist the thief's account?

I can't find the link at the moment, but there was an e-wallet service that was robbed, and Mt.Gox requires you to submit identity documents if you want to sell bitcoins derived from that robbery.

Or put out an "all-points-bulletin" to flag transactions using the thief's address?

That has the problem that the thief can simply make an intermediary address that disguises its origin.

If you decide that all of those bitcoins ought to be unspendable, even if they've passed onto another address in the meantime, then you have a new problem: if the bitcoins get sold to some innocent third party, and you decided to blacklist them, then you're hurting somebody who had no way of knowing about the theft.

Maybe new script commands can be added to the transaction outputs that require a second signature, 24 hours after the first one, to be valid?

Why would that add security? If I stole your private key, then I can sign the transaction, then sign it again 24 hours later.

Nick ODell

Posted 2013-04-12T23:46:04.233

Reputation: 26 536

...maybe the second signature is different key that can be stored on a second system? – pinhead – 2013-04-13T03:33:48.583

1@user1653320 But then why require the time delay? – Nick ODell – 2013-04-13T04:05:43.987

I know the script protocol was designed to be flexible to increase or decrease security on a tx output. If I had a million BTC I would send it to an address with security worth a million! Require two private keys, keep them on different computers... Time delay, I dunno, I'm just brainstorming... – pinhead – 2013-04-13T18:18:32.460

The short answer is basically "no". The thief will only hold the stolen coins for a short period of time. After that, it's all in the hands of innocent people.

We don't do anything like this with cash. There are no "hot lists" of stolen bill serial numbers that cannot be spent. And for good reason.

The big problem for Bitcoin is that we can't tell real transactions from sham transactions. If we see 25,000 stolen Bitcoins move from account A to account B to account C, we don't know if account B is the account of an innocent intermediary or another of the thief's accounts. And we don't know whether the holder of account C knew the coins were stolen or not.

After one theft last year, the thieves started giving stolen Bitcoins to random people. This was back when I was actively working on performance improvements for the Bitcoin client and one of my donation accounts received Bitcoins that trace pretty directly to the stolen ones. With the Satoshi client, I pretty much couldn't avoid transferring those coins if I had wanted to. They successfully "contaminated" hundreds of wallets and lots of innocent people found themselves using stolen coins. If it was an intentional way to hide in a crowd, it was pretty clever.

David Schwartz

Posted 2013-04-12T23:46:04.233

Reputation: 46 931