I'd take issue on two points. First, "wallets' don't exist in the Bitcoin protocol. Second, the tool being used is not sophisticated enough to list the inputs and outputs, giving the false impression that something unusual is "unknown." Try this link to get details:
There are numerous inputs and a single pay-to-script-hash (P2SH) output.
The relatively high fee is due in part to the large number of inputs. ~400 satoshis/byte is high by today's standard but not too unreasonable as early as 2017.
We can't tell anything about the identity of the owner(s) of the new coin from the block chain alone.
Making a transaction this large is a security risk. It effectively establishes a billion dollar bounty for any party who can rewrite enough blocks to erase it. Now that the value resides in a single coin, any subsequent transaction faces the same risk. Plunking this much value into a single coin seems like an odd strategy at best. Not to mention the destruction of privacy in combining all those inputs into a single transaction with a single output.
I can think of one reason you might want to do this. A consortium/trust has formed in which individuals pay into a common pool of money. That money is then protected with a multi signature script (consistent with the P2SH type). Given a threshold of signatures, the money can be spent, subject to other constraints. These will remain unknown until the first payment is made. At that point we'll know the number and identity of all the eligible keys and the threshold needed to make payment.
If so, this transaction can be thought of as a kind of digital charter for the consortium in that it defines how the money can be spent going forward.
Edit: to be clear, the "bounty" I'm talking about can't be directly claimed just by mining some blocks. Instead, it would have to be claimed as part of a double spend of either the transaction in question or as subsequent transaction of the now-enormous output. Most likely, there would be collusion of some kind between a miner and the owner of the keys. I'm not saying this will happen, but the bigger the transaction, the greater the risk.
> It effectively establishes a billion dollar bounty for any party who can rewrite enough blocks to erase it.
I don't really agree with that statement. Yes, someone could mount a 51% attack to rewrite that block. However, it would be pretty straightforward to see what was happening (and which nodes were the malicious actors). If that did happen, the possible outcomes would be:
1. The value of bitcoin would fall to basically 0. The reason bitcoin has any value at all really has to do with trust - belief that the protocol is secure and can't be broken. In this case, an easily detectable spending "override" would cause faith in the protocol to evaporate.
2. Note I don't believe #1 would happen. The response would be all the other miners who do have a vested interest in bitcoins success would put all their resources in ensuring the original block was maintained.
I.e. the options aren't between one address getting the billion+ dollars or another address getting a billion+ dollars. The options are one address getting a billion+ dollars or everyone's bitcoin going to 0.
Edit: Another likely possible outcome is you could get what happened to Ethereum when the DAO was hacked: a fork to Ethereum vs. Ethereum Classic. But it's still important to note Ethereum Classic is worth a teeny fraction of what Ethereum is.
the amount of trivialization and conflation irks me
1. "51% attack" is not a thing as in "one has to have 51% of hashpower to perform it". it's just that with 51% of hashpower it becomes relatively cheap to perform such attack. one can throw enough money at the problem and get lucky to perform large reorg with just 10% of hashpower. the lower the number - the more lucky attacker has to get.
2. "rewriting a block" or "billion dollar bounty" as the GP put it are just conveying wrong ideas. there is zero chance for that $1B to get stolen even if attacker gets 100% of hashrate. all they can do is revert the transaction so that money goes back to original owners by generating a fork in the chain that doesn't include said transaction.
even that is not enough because competing miners (assuming attacker doesn't really have all 100% of hashpower) will still eventually include the transaction because it pays lucrative fees.
the trick here is that in Bitcoin parties agree to finalize the deal only after certain number of confirmations (blocks created after the one that includes the transaction). general rule is to wait for 6 confirmations.
if there indeed was some $1B deal where 94k BTC changed hands i wouldn't be surprised if their agreed upon number of confirmations was ~500 blocks (half the value of transaction in question in miner rewards), which is roughly 3 days wait.
ultimately though i'm pretty sure this was some kind of cold-storage consolidation so no BTC actually changed hands.
There is a danger of theft, and the risk is to everyone, not just the parties to this big transaction. The risk is this:
1. A malicious syndicate gathers a billion dollars of bitcoin and sends it to themselves
2. In a short period of time, like a few days, the syndicate exchanges that bitcoin for non-bitcoin assets
3. The syndicate spends tens or hundreds of millions of dollars to fork the chain, backing up the ledger, so that they own the billion dollars of bitcoin again
So anyone accepting bitcoin for non-bitcoin assets for the next week or so is at risk. It doesn’t have to be a single transaction, though; this danger occurs whenever the transaction volume on bitcoin gets above the cost of mining.
If someone could fundraise a billion dollars, using it to steal another billion dollars (not great ROI considering all the security risks of bitcoin ecosystem) at the expense of shattering worldwide faith in Bitcoin (which also devalues the stolen coins), seems a really bad bet. It only makes sense if it was a government or some group spending a billion (semi illiquid because Bitcoin) dollars with the goal of destroying the Bitcoin ecosystem.
> it's just that with 51% of hashpower it becomes relatively cheap to perform such attack
The qualitative difference is that with 51% of hashpower you can sustain the attack indefinitely. Other miners might get the occasional block and temporarily take the lead but in the long run you'll always have the longest chain using only blocks you've mined yourself.
With less than 50% there's a chance that you can revert a transaction temporarily by mining two consecutive blocks (one to omit the transaction and another to make your chain longer than the original) in less time than it takes the main network to reach the same block height, but the odds of maintaining the attack drop by at least half with each additional block. The main network will always win eventually.
In any case no one controls anywhere close to 51% of the hashpower right now. There are pools which approach that size but they aren't monolithic entities; if the pool operators attempted to leverage their position as coordinators to carry out a sustained attack then miners would leave the pool.
That assumes that every other miner all mines the old chain. If you and ‘dumb’ miners that just use the longest chain add up to 51% then luck is enough.
No, I was assuming that the other miners continue the longest chain, not the old chain. But they'll include the transaction(s) you were trying to suppress in their blocks; they're not on your side. Each time they mine a block you have to start the attack over again, and the odds are not in your favor. You control under half the hashpower and you need to stay at least one block ahead of the main network. It's not a race you can win in the long term, even assuming a certain amount of luck.
If those transactions are larger than the wallets remaining funds that can’t happen. Aka wallet A moves coins to wallet B on the old chain and moves all it’s funds into wallet C in the new chain. In that case the A>B transaction is invalid on the new chain.
That isn't quite how Bitcoin works. Transactions use specific unspent prior transaction outputs (from the "UTxO" set) as inputs; there is no concept of "remaining funds". However, you're mostly right: if the attacker controls the private keys related to the original transaction then they can insert a conflicting transaction and make the original one permanently invalid on that chain. However, an attacker who does not have the private keys to sign a conflicting transaction cannot prevent the transaction from eventually being confirmed unless they control over 50% of the hashpower.
If you're concerned that the person you're receiving funds from might be willing to attempt a double-spend then you should wait for a suitable number of confirmations before considering the funds successfully transferred. However, if they control over 50% of the hash rate then there is no suitable number of confirmations that would make the transfer safe.
you're right, 51% represents a certain barrier when the attack becomes much more destructive, but it's still a spectrum. you can destroy faith in the system and value of bitcoin by performing multiple long reorgs with less than 51%.
Your math is off here. Block rewards are 12.5 BTC per 10 minutes and total fees per day are about 25-75 over last month. To get half of 94k BTC you'd be waiting quite a long time at 1,850 BTC per day total rewards + fees per day. 25 days, not 3.
I disagree, because historically major cryptos have allowed known attacks to succeed if they targeted a member of the public at large, and have defended only if they targeted named insiders.
The expectation, at this point, is that defense will only occur if you are an elite insider. An unknown user may or may not be such an elite, and thus may or may not get defense.
> I disagree, because historically major cryptos have allowed known attacks to succeed if they targeted a member of the public at large, and have defended only if they targeted named insiders.
Surely you aren't going to make such a statement without examples! I can think of examples where things were attacked, including some of the largest value destructions, and insider status didn't help. For example, the multisig thing that happened to Gav Wood (the second time).
If your lone example is the Dao attack, that looked like successful governance to me.
The astounding, insane decision to use "libraries" aka delegate call in any immutable smart contract always boggled my mind. The amount of space saved is so ludicrously small as to beggar belief. Hope the 10k or whatever worth of space savings (about 20 transactions worth) was worth it.
Anyway, he didn't get a roll back, and the $200m in value that disappeared didn't either.
Well he's not a US citizen and unless he's insane, his corporations are offshored in a 0% domocile. It's really only a problem for Americans; everyone else who has their shit together can stick their corporate shell on Cayman or whatever.
> 1. The value of bitcoin would fall to basically 0. The reason bitcoin has any value at all really has to do with trust - belief that the protocol is secure and can't be broken. In this case, an easily detectable spending "override" would cause faith in the protocol to evaporate.
That seems a little out there.
(1) There is something like 1 person who uses bitcoin to move billions of dollars around. The small-time users (<$1,000,000 per transaction) wouldn't have any reason to lose trust in the system. If some company loses $1 bil in dollars, I really don't care; I don't live in a world where it affects me personally. Nobody is ever going to put serious resources into stealing from me because I'm just not that important.
(2) If they re-write the block, that doesn't mean that they've gotten away with it. Most countries have a legal system that would sit up and take notice if someone signs up for a billion dollar transaction, takes the goods and welches on paying.
"Most countries have a legal system that would sit up and take notice if someone signs up for a billion dollar transaction, takes the goods and welches on paying"
This is an important perspective. Many BTC investors are unsophisticated retail investors, and are often "true believer" and magical thinking types. They're this decade's version of gold bugs.
I think gold bugs are this decade's version of gold bugs, and heavily overlap with "unsophisticated retail investors" but not necessarily bitcoin enthusiasts.
I note that my emails from seekingalpha recently have ads saying "Vote <you-know-who> in 2020! Free Gold Victory Coin For Supporters - Claim Yours Now".
To borrow a phrase from Walter Sobchak--
2500 years of beautiful tradition from the Lydian Stater to the American Gold Eagle, you're goddamn right I'm a f*ing gold bug!
Does the time it would take to spin up enough compute to carry out a 51% attack decrease its likelihood? I.e more blocks are being written every day, so you need to do additional work to create the alternate chain?
So, if I were a hedge fund, I can effectively short Bitcoins and spend a piddly amount to build a datacenter to carry a 51% attack.
If the attack fails, I can re-purpose my datacenter
Repurpose it how? You'd need ASICs to mount a 51% attack. Using a few quickly googled numbers, you'd need ~56EH/s to double the network and mount a 51% attack. An S9 does 14TH/s, so you'd need ~4 million, at $3k each.
So around $12 billion (plus the datacenter, operations, etc). You'd pretty much send BTC to being worth $0...and then you're stuck with $12 billion in useless hardware.
Can anybody explain to me why would anybody try to make their alt-coin ASIC-resistant? They claim it is do decrease centralization but like parent says it just makes 51% attack possible with cloud computing and 0 investment in hardware or logistics.
The issue with ASIC mining is the the barrier to entry is extremely high so only a small number of people have the means to produce the chips. Economically it might not make sense to sell them and, to make the situation even worse, patents can prevent competitors being able to use the same innovations.
If your plan is to use general-purpose computers for mining then Bitcoin has nothing to worry about. You'll never manage a 51% attack that way, no when all your competition is using ASICs.
Moreover, to gain $184B by shorting Bitcoin you'd need to find someone willing to loan you $184B worth of Bitcoin, and then somehow sell all of it without crashing the price or drawing unwanted attention to your activities. Of course if the price doesn't react the way you expect you could end up paying a lot more than $184B to buy it all back to repay the loan. You shouldn't assume that even a successful (but expensive, and obviously temporary) 51% attack will drive the price down to zero.
It all depends on who is doing the attacking. If the attacker is a state government or someone with billions of dollars and compute to spare, ASICs aren't going to fight this losing battle.
Heck, you can buy off the ASIC miners for a few million dollars (all we have to cover is their net profit, which is pretty low)
The cost of mounting the attack with general-purpose computers would be orders of magnitude higher than the US$12B calculated above, just from the energy bill. Check out https://en.bitcoin.it/wiki/Mining_hardware_comparison; the ASIC AntMiner S9 gets 10 billion hashes per joule, while on https://en.bitcoin.it/wiki/Non-specialized_hardware_comparis... you can see that the most efficient GPUs get 2–3 million hashes per joule, 3000 to 5000 times less. So instead of spending US$12 billion on hardware and US$4 billion per year on power, you'd be spending US$12 trillion per year on power. No state has such a large budget; that's more than half of the US GDP, and about 15% of world GDP. That's more than the amount of marketed energy produced in the world.
That is, the attack you're proposing would require commandeering 15% of the world economy and more than doubling world electrical generation capacity.
Bribing or backdooring ASIC miners is a far more likely vulnerability.
To be a bit more specific, the ASIC is a computation built in hardware. It can do that computation and that computation alone. The algorithm in Bitcoin does absolutely nothing useful -- you are just hashing a random number and seeing if the result is below a certain value. Since you can't change the computation on the ASIC, it's absolutely useless for anything except mining bitcoins.
Maybe this is dumb/naive, but I've wondered for quite a while - what if you take the latest deep learning/AI techniques and try to train a system to predict the approximate size of the hash from the input number? Has anyone seriously tried and failed?
A different angle from the sibling comment's: the hash functions used here are meant to approximate pseudorandom functions, which are functions that, while deterministic, literally have no structure at all relating their inputs to their outputs in any way.
Hash functions used in the real world haven't been proven to have this property (and there are various theoretical limits on how readily they could be proven to have it, and maybe on the extent to which they could actually have it), but in order to be widely adopted, a hash function has to pass every available statistical test for approximating pseudorandomness, and also has to resist mathematical analysis aimed at finding useful structure. That means that ordinary human intelligences fail to find a practical recipe for predicting properties of the output from properties of the input.
In the same way, we would expect that deep learning systems fail to find such recipes too.
On the other hand, it's not absolutely impossible that there are some kinds of regularities that a deep learning system might discover. If so, they would be considered very serious flaws in the hash function in question. But deployed cryptographic primitives have sometimes had problems like this. The best example that I know of is the RC4 cipher
where there have been a series of statistical biases (which are often forms of correlation between input and output, which should not exist if RC4 approximated pseudorandomness well). Some of these were apparently discovered experimentally by researchers with some kind of hypothesis testing tools, as opposed to based on theoretical abstract reasoning about the mathematics of RC4. This makes me think that some kinds of deep learning systems might also have been able to discover those correlations, although I'm not sure that they would have been the most efficient methods for doing so. (An interesting test might be to try to use deep learning to find new correlations in RC4 that aren't yet known -- which seems plausible since researchers have repeatedly found new ones over time.)
I think there are interesting problems about what kinds of correlations and structures deep learning systems can or can't learn efficiently, and whether those are the kinds of correlations and structures that are likely to exist as genuine flaws within deployed hash functions. I definitely don't know enough about the mathematics of deep learning to appreciate how to begin answering this question; I only know that if it turned out to be useful in some case, it would mean that the application of human intelligence and existing statistical tools to assessing hash functions' security had dramatically fallen down on the job.
If you could do it, you'd be famous for more than BTC. It would mean that you could factor numbers in polynomial time. Long story short, calculating the hash for BTC is intended to be a non-polynomial problem. If you can find a method (any method) that will reduce the search space of the answer such that you can calculate it in polynomial time, then you have proved that NP=P (If you can find a way to solve any non-polynomial-time-hard problem in polynomial time, then it means that all NP hard problems can be solved in P time). This would completely break all current encryption.
Most people think that this is impossible, but it has not been proven yet. Unless you had some reason for believing the technique would work, it's probably not worth the effort to try.
One minor correction to this (although I agree with you conceptually) is that there are no formal security proofs of the complexity class of hash function attacks for actually-existing hash functions. So there is no guarantee that the most efficient way to break a hash function security property is a generalizable attack on NP problems! It might just be that the specific hash function is weak in a previously unknown way.
A sort-of precedent for that kind of problem which I mentioned in my sibling comment is the correlation weaknesses in RC4. While they're not the most powerful possible break of RC4, by any means, they are unanticipated flaws in the structure of RC4 specifically, and they might well have been discovered by software tools that can't solve NP problems in general. It seems to me that we don't have security proofs for symmetric cryptography at all, including for block cipher security properties as well as hash function security properties, and so while your observation is totally right in general, in any specific case it might just turn out that the cryptographic primitive we were using was weak in an unanticipated way that's specific to that class of functions.
In some ways you are correct, but you have made some errors.
As schoen pointed out, no common hash function, including the ones used in Bitcoin, has a proof of NP-completeness.
Moreover, none of those hash functions involve factoring numbers, and factoring numbers is also not known to be NP-complete, although it is also not known to be tractable in polynomial time. One reason commonly-used proof-of-work functions do not involve integer factorization is that, while integer factorization is not known to be doable in polynomial time, there are a number of algorithms that require subexponential time, so an integer-factorization-based proof-of-work witness would be much larger than an equivalent hash-function-based proof-of-work witness.
Also, it is not the case that efficient integer factorization would completely break all current encryption. Not only do no commonly-used hash functions depend on it, neither do any commonly-used symmetric ciphers (such as AES), and the currently-most-popular asymmetric cryptosystems also do not depend on the difficulty of integer factorization; instead they depend on the difficulty of the elliptic-curve discrete logarithm problem.
ECDLP is also not known to be NP-complete, but the currently-known algorithms for it are much worse than currently-known algorithms for integer factorization, so elliptic-curve cryptosystems require much smaller keys and less computation to resist the known attacks than integer-factorization-based cryptosystems.
As little as ten years ago, algorithms that could be broken by better integer factorization algorithms were relatively much more important than they are today, because elliptic-curve cryptography was much less widely used. Many vulgar accounts of the situation intended for the ignorant are not up to date.
Finally, it is not true that a proof that P=NP would "completely break all current encryption", for two reasons. First, it might not be a constructive proof — it might show that a polynomial-time algorithm for factoring integers, solving ECDLP, or computing hash preimages exists without actually telling you how to compute it. Second, even a constructive proof of P=NP might not provide an algorithm that was adequately efficient — if it takes O(n²) time to encrypt and decrypt, where n is the size of a key, but O(n⁸) time to break a message or a key, you might be adequately safe with, say, RSA-4096. But an O(n⁸) algorithm for 3-SAT would definitely be a constructive proof of P=NP.
(Shor's algorithm on a quantum computer can break RSA, because it does depend on integer factorization, in O(n³) time, if quantum computers can exist, which they probably can. This would not make it impossible to do RSA encryption securely, but it would require much larger keys than are currently used.)
However, your fundamental point is that a successful attack on Bitcoin's hashing algorithm, using artificial neural networks or anything else, would be very surprising and have major implications, because that proof-of-work scheme is designed to require exponential work, and as far as anyone knows, it does. And that fundamental point is correct, even though you have made a number of errors in your supporting points.
SO these machines are made to specifically mine bitcoin, other ASICs do other jobs, but individual units cannot transfer from one job to another and cannot be re-purposed.
Right, the ASIC in your DVD player that does MPEG-4 decoding is useful for something other than Bitcoin mining. But it's not useful for Bitcoin mining at all. Similarly for a motor-controller ASIC, an HDMI encoding ASIC, a GPRS radio ASIC, and so on.
It doesn't matter if the US government is doing the attacking, they're not winning with general purpose hardware. ASICs are literally thousands of times faster with lower power consumption than GPUs. Also, any state attacker worth their shit would have the ability to develop their own ASICs so I don't know why you're hung up on using general purpose hardware.
Finally, you certainly cannot buy off the ASIC miners with a few million, not least because they own billions of dollars worth of ASICS that can't do anything but mine Bitcoin, and a successful state-orchestrated attack on Bitcoin would make all of them worthless. I don't think a state government taking down Bitcoin by its own rules is completely impossible, but you don't seem to have any grasp of the scales involved.
State governments have simpler and more reliable ways to attack the system. Like armies. Buying off the miners would require at least a few hundred million dollars—you'd need to buy the hardware to pull off an attack like that, not just rent it for a while. And you still wouldn't manage to get anywhere near the full market cap by shorting Bitcoin while you do it. You'd never find anyone crazy enough to loan you that much. A small fraction, perhaps. Not enough to cover your expenses.
And in the end, after your massive investment, the community would just make some trivial change to the protocol and completely ignore the attack. Really, if this sort of thing was so easy then everyone would be doing it. You're certainly welcome to try.
First of all hardware is a bottleneck, so likely the state needs to procure or manufacture their own. Which delays the start of the attack, during which time the network will continue to grow. The state cannot just magic ASIC devices from nowhere.
Those numbers are pretty inaccurate, though, for cases where the NiceHash capacity is well below what is needed to mount an attack. I.e. the $768k for an hour of bitcoin attack actually vastly under estimates the cost, because to mount that attack you would need to purchase the hashing power large enough to mount that attack.
Yes. Also, an attack would be fairly obvious and miners invested in the future of the blockchain (i.e. everyone using ASICS, which is everyone that matters) would increase their hashrate to mount a defense, increasing the cost by some hard-to-predict but significant amount.
Kind of. ASICs aren't exactly super available, but the manufacturers are also players, so if the attack is severe enough to be an existential threat to Bitcoin, I expect Bitmain (largest ASIC manufacturer) will fire up their unsold inventory which amounted to more than a billion dollars worth as of last year.
Separate from the manufacturers, relatively easy courses of action I can see are buying hashing power from marketplaces like nicehash, and temporarily concentrating their machines on BTC and not mining BCH. This can only get you so much though since BTC hashrate dwarfs BCH hashrate.
Hash rate is 90+m terahash and increasing, good luck R&Ding the chips and obtaining enough to achieve. Retail pricing is around 3k per 50 TH/s, and that is just for hardware.
Sure, naked shorts are bounded, but a naked short is not the only way to profit from the decline of an asset.
And really, if you’re talking about limiting cases, you’re bounded by what your counterparties are good for, and by what your relevant regulators will let you get away with (or, depending on who your counterparties are, how far you can go before you end up in a ditch somewhere)
> It effectively establishes a billion dollar bounty for any party who can rewrite enough blocks to erase it.
To do what exactly?
Nobody can redirect the transaction to themselves and the best they can do is erase it. 51% attacking the network will cost you a lot, and you won't actually win anything in your attack.
Even if the owner of the coins is the attacker, you can only win by double-spending the transaction by reversing a payment to someone else. Of course if we're talking about such a large transaction you should wait for more confirmations, making the double-spend attack so much more difficult to pull off.
Anything you would get in return, like a bank transfer or parts of a city, would have a much longer settlement time. Being afraid of your Bitcoin transaction being reversed should be the least of your worries.
If the liquidity is enough,
1) Short Bitcoin to the tune of several Billion dollars.
2) Do a 51% attack and essentially prove it's worthlessness.
3) Profit
If you have amassed enough hashpower to be able to do the 51% attack you have far more to gain economically from continuing to mine for the network than to somehow short it (impossible to find a counterparty for a transaction that large) and then have billions of dollars of hardware that is now worthless
Contracts are established between market participants; the issuer is just a facilitator. LedgerX options are fully collateralized so you could certainly reap the entire value if you bought a put and the price dropped to 0. Liquidity is not very deep though, so you wouldn’t be able to buy much. Margined products (such as Deribit’s options) would probably be force-closed long before the price hit 0.
I feel like LedgerX bragging that they are both an exchange and a clearing house does not inspire confidence in their risk management department, although I'm sure the bright minds at the SEC have done their due diligence as they always do.
With only six confirmations it's extremely hard (in practice impossible) to reverse, which happens in around an hour. Just wait a few hours, or even a day, and the risk is basically non-existent. There are a million other things to worry about at that point (including someone hitting you with a wrench until you send them money).
The transaction now has 572 confirmations. Nobody will ever reverse that.
> Making a transaction this large is a security risk. It effectively establishes a billion dollar bounty for any party who can rewrite enough blocks to erase it
... accomplishing exactly nothing as all that would do would be returning the money to original spenders. Really, the amount of misinformation floating here is unexpected.
> Now that the value resides in a single coin, any subsequent transaction faces the same risk.
Non sequitur. A rollback of such a block would, by significance be somewhere between "mildly annoying" and "introducing suspicion that future transactions could also be rolled back." In any case, coins would end up where they are supposed to, and no theft can be done. There would be increased risk of double spends, but worried parties could always invest in more (legit) hashpower.
> A consortium/trust has formed in which individuals pay into a common pool of money.
Speculation, but reasonable. It makes business sense.
> That money is then protected with a multi signature script (consistent with the P2SH type). Given a threshold of signatures, the money can be spent, subject to other constraints. These will remain unknown until the first payment is made. At that point we'll know the number and identity of all the eligible keys and the threshold needed to make payment.
Speculation, but too wild. Basically wishful thinking.
> Edit: to be clear, the "bounty" I'm talking about can't be directly claimed just by mining some blocks. Instead, it would have to be claimed as part of a double spend of either the transaction in question or as subsequent transaction of the now-enormous output. Most likely, there would be collusion of some kind between a miner and the owner of the keys. I'm not saying this will happen, but the bigger the transaction, the greater the risk.
Again, wild speculation. So the theory is that someone collected $1B in BTC just to pull off a massive double spend stunt? At that level, it's likely that rubber hose cryptanalysis would resolve the issue quite efficiently.
You really misused the term "coin". In Bitcoin protocol you don't "put value" into something named a "coin". "Wallet" is far more widely used and well-defined.
The OP didn't misuse the term "coin". In Bitcoin it refers to the value of a single input or an output. When the OP says "Plunking this much value into a single coin seems like an odd strategy at best" they mean "Plunking this much value into a single unspent transaction output seems an odd strategy".
"Wallet" is widely used and well-defined, but it doesn't refer to something that can be observed in the blockchain. In the blockchain we can observe keys and scripts; a wallet is a usually-encrypted data file containing a potentially large number of keys.
> Making a transaction this large is a security risk. It effectively establishes a billion dollar bounty for any party who can rewrite enough blocks to erase it.
This is incorrect. It creates a billion dollar bounty only for the sender if they want to commit fraud by effectively reversing the transaction and trying to double-spend the coins by sending them elsewhere.
Anyone with 94k BTC would probably be harming themselves by simply driving the value of BTC to almost 0 by performing such an attack. It would be extremely obvious to everyone once this transaction was reversed due to a chain reorg.
why does this make it a bounty? even if you are an alien and have any power to game with bitcoin, such as doing a 51 percent attack, finding private keys, etc. you still have the whole blockchain of bitcoin to play with and probably you would start with many small transactions to go unnoticed.
Anyway, what makes the value of bitcoin is its security, knowing that it can be hacked or gamed will make it worthless.
I can count maybe 5 people in the crypto space that would have that much BTC, but none of them would be dumb enough to put it all in one wallet. Most likely some large institutional investor decided to re-key their cold storage wallet.
It's probably the DOJ. They raided BTC-e and stole 2 billion during the Ukraine War.
BTC-e was the longest running bitcoin exchange and the single most reliable. I had more money than I'd like to admit stolen from me. Their statement was only people who participate in tax evasion use btc-e.
BTC-e undoubtedly had a ton of legitimate users, like yourself, but also a lot of fraudulent users. And most importantly, it was established and operated by its founder as a money laundering scheme. He used it used to launder all of the stolen funds from the Mt. Gox hack (worth several billions, depending on when you measure the value), among other things.
BTC-e was a cover to help criminals steal from Bitcoin exchanges and safely dilute the funds.
It sucks that you lost your money, but it was wrapped up with billions of dollars of dirty money, and it's probably tough for investigators to distinguish the two.
>He used it used to launder all of the stolen funds from the Mt. Gox hack (worth several billions, depending on when you measure the value), among other things.
It was not. Coins going in and out of btc-e were labeled making laundering through btc-e difficult at best.
>BTC-e was a cover to help criminals steal from Bitcoin exchanges and safely dilute the funds.
BTC-e was around longer than those exchanges.
The thing about BTC-e is every time bitcoin crashed btc-e would chug along just fine without going down. All other exchanges would become unresponsive. This made, at that time, btc-e the only "safe" program trading bitcoin platform. (Of course, in hindsight, with the us gov coming in and stealing all that money, safe is a bit of an over statement.)
It was, though. Vinnik created it as a way to help people launder stolen / illicitly-gained cryptocurrency, perhaps in addition to providing standard exchange services. Cryptocurrency from large hacks appeared in Vinnik's personal BTC-e account on several occasions, for example.
BTC-e was perhaps "safe" in that it seemed to be operated competently from a technical standpoint, and it didn't appear to attempt to scam its users (both of which may not be true of Mt. Gox), but it didn't really need to worry about costs due to the absurd amount of profit they were making from their laundering hustle.
It wasn't that they merely turned a blind eye to the laundering. Vinnik personally assisted in the laundering, presumably by working with some of the exchange hackers.
>BTC-e was around longer than those exchanges.
I should've said "a cover to help criminals launder illicitly gained cryptocurrency". There were plenty of reasons to launder cryptocurrency before any large exchanges existed. He didn't help just with exchange hacks. But when exchange hacks started happening, business was certainly booming for him, since that was the easiest way to steal a lot of cryptocurrency at once.
The US government may have inadvertently stolen your money, and other people's, but they did it to reappropriate billions of dollars money stolen from citizens around the world, including American citizens. Vinnik helped intentionally steal money from ordinary people who used Mt. Gox and other exchanges, and pocketed a lot of it for himself. Hopefully some of the money the US government seized will be returned to their rightful owners one day, but who knows.
The court case is starting in a little over a week, so Alexander Vinnik (the one accused of the MtGox hack, who was a technician working at btc-e) has yet to be found guilty or innocent.
>On 25 July 2017, suspected BTC-e operator Alexander Vinnik was arrested at the behest of the United States Justice Department while vacationing with his family in Greece.[8][9] Wanted for money laundering by both France and Russia, in addition to the US[10]. Vinnik agreed to be returned to Russia, where he was charged only with fraud.[11] In October 2017 the extradition request by Russia was approved by one Greek court, but the request by the United States was approved by another.[12] The decision to extradite Vinnik to the United States was upheld by the Greek Supreme Court on December 13, 2017.[11] However, in July 2018 Greece agreed to extradite Vinnik to France instead,[13] giving precendence to the European warrant.[citation needed]A final ruling is scheduled for September 19,[14] though Vinnik's lawyer claims that "the decision on Vinnik's extradition to Russia has been made".[15]
It's good that he didn't end up going to the US. The US, while legitimate in many ways, has a history of corrupt court practices. If it's in the government's interest to keep the 2 billion, which it is, they will do everything they can to throw him under the bus.
> The US, while legitimate in many ways, has a history of corrupt court practices.
I don’t know how can anyone with straight face compare US court system to Russia’s and not conclude that US is orders of magnitude more fair and less corrupt. Are you being serious right now? Russian court system is literally proxy for Putin’s decisions.
EDIT: disregard that, i somehow assumed extradition to russia was a sure thing already
yeah, you're right, i think i got confused by the last statement. it's not final yet where he's being extradited. greece's ruling party's flirting with russia in past couple years makes me quite skeptical and pessimistic.
He's being extradited to France, which probably has less bias, but still a bias. I doubt the US will get involved behind the scene in France, because they've phrased their reasoning for the heist as btc-e's users were money laundering, so even if he is found innocent, the US still gets to keep the money and not look bad.
Russia may have a bias, I'm uncertain. I'm not sure how happy Russia was about btc-e. BTC-e may have been in the Ukraine, but Russia implicitly requires neighboring countries to follow Russian law. Did BTC-e break Russian law? I have no idea. But because he is not being extradited to Russia, we'll probably never find out what Russia thinks.
>> The US government may have inadvertently stolen your money, and other people's, but they did it to reappropriate billions of dollars money stolen from citizens around the world, including American citizens. Vinnik helped intentionally steal money from ordinary people who used Mt. Gox and other exchanges, and pocketed a lot of it for himself. Hopefully some of the money the US government seized will be returned to their rightful owners one day, but who knows.
So the US stole money that was stolen and... might give it back?
You lent that money to a shady organization. Once you lent it, it was no longer your property. You then became a creditor of that organization and your coins became their assets. The organizations assets were seized due to systemic criminal activity and they could no longer repay their debts to their creditors. Just like any other financial institution.
Some quote about bitcoin enthusiasts rediscovering the reason for regulations in the financial markets one loss at a time.
Regulations is what made proverbialbunny lose the money; it would probably not have happened had BTC-e been allowed to continue the alleged criminal activities. Of course, that might be worse for the rest of society.
Regulations and criminal law are two different things.
If btc-e were part of a well-regulated financial system, they would have gone through a liquidation process and creditors would have been paid some % on the $ what they were owed.
This is what happened with BCCI when it was raided and shutdown for massive money laundering.
>Just a month later, BCCI's liquidators (Deloitte, PWC) pleaded guilty to all criminal charges pending against the bank in the United States (both those lodged by the federal government and by Morgenthau), clearing the way for BCCI's formal liquidation that fall. BCCI paid $10 million in fines and forfeited all $550 million of its American assets – at the time, the largest single criminal forfeiture ever obtained by federal prosecutors. The money was used to repay losses to First American and Independence and to make restitution to BCCI's depositors.
Thanks for posting this.
I don't understand how the US can go in and decide BTC-e was a money laundering op and then confiscate bitcoins and put people in jail. Who decides who gets those bitcoins?
Surely many other countries have money laundering laws. What makes the US so special that they can go flip a business operating in the Ukraine?
> Surely many other countries have money laundering laws. What makes the US so special that they can go flip a business operating in the Ukraine?
Likely what makes the US special in this instance is that they did it first, and as long as other countries aren't going to make a stink about it (i.e. the US backs up its claims to some degree or the other countries don't want to question them), then it will get away with it.
Rule of law is for people. Countries operate on a mixture of laws, norms, and consensus building. If every country but one decided to raid that one country, and they had the power (as in economic and military power) to do so, what's to stop them? Not a law, which they my nature can just rewrite.
> Real justification: Extraterritoriality is a thing you get to do when you're an empire.
This is exercise of extraterritorial jurisdiction, which is not the same thing as (though also not unrelated to) extraterritoriality.
And everyone gets to do it, it has nothing to do with being an empire (actual extraterritoriality beyond what is normal for, e.g., diplomats might, but this isn't that.)
Read the indictment for yourself. Namely page 16 and 17 which account for charges 3-21 of the indictment (the vast majority of it).
The only company within US jurisdiction that BTC-E did business with is a company called "tradehill". The amounts of money moved were small, ranging between $12.60 and $17,000. Less than $100,000 was moved overall and all of it was moved in early 2012.
The US doesn't care about tracking down the $12.60 that you laundered on 24 January 2012 like it says in the indictment. The US is just using that as an excuse to impose it's money laundering laws outside of it's jurisdiction. The indictment is a pretext for extraterritoriality. Extraterritoriality is a thing you get to do when you're an empire.
Not really sure how you're making the "empire" qualification. An empire by definition is not an entity which gets to make extraterritorial moves with impunity.
Just seems silly to try and cast the US as an "empire" here when all you're really saying is "the US is a very powerful nation".
That's not what extraterritoriality means -- it refers to having your citizens/property be immune to local laws in foreign countries, not applying your laws to foreign citizens/property in foreign countries.
They don't have a right to do it, but there's nothing to stop them.
A foreign power can have any law it wants, and no other foreign power has to respect it. You can try to sue them, but sovereign immunity, and foreign sovereign immunity, stops almost all of these attempts. The exceptions generally are human rights abuses (by the same state doing the suing...) and commercial transactions.
In this case, the USG stole from money launderers in a foreign country. So not only can people in the US not sue the USG over it (sovereign immunity), people in the Ukraine can't sue the USG over it (foreign sovereign immunity). The thieves would have the best claim, but it doesn't work out well when you claim your illegal business was stolen from. And since it's a foreign power, if the US balks, it would be covered under international law, and guess who enforces international law?
If your property is wrongfully seized by the government due to some criminal activity, you can file a claim to get it back. This happens all the time when a criminal is caught with stolen goods. The thieves do not have the best claim.
It may take some time and effort to get the property back, but there is a process.
Assuming the govt took the money under the auspices of a criminal forfeiture (which I assume because the company was supposedly for money laundering), you would basically need to prove a paper trail to show what specific part of the money they seized was yours, and even then who knows if there isn't a loophole that allows them to basically not respond if the forfeiture was of a foreign company on foreign soil. They took it from a non-US entity, so they may not have any responsibility to give any of it back, because it was not being held by someone in the US [with rights in the US].
Do you now understand why we need something like Bitcoin? (Even if it's gonna a be a newer version of it in the future, or something even more private etc.)
Doesn't this instead just show the Realpolitik nature of currency, that it doesn't matter the technical implementation when a government can still just step in and seize the asset using traditional force?
Yes but the key difference is with cryptocurrency the person that owns the wallet still has to sign the transaction, there is no other way. It's a push model instead of pull. Compare this to traditional banking where a 3rd party (the bank) can aquiesce to a government request without your knowledge or approval.
Enforcing illegal torrents failed. I think a cryptocurrency ban would be similar. Also, the US made it illegal to hold gold between 1933 and 1974 but almost nobody turned in gold to the feds. https://en.m.wikipedia.org/wiki/Executive_Order_6102
Both are essentially electronic systems of information on a computing system, a format and a protocol of communication through the internet. In terms of technical difficulty to enforce them it would be very similar.
I'm pretty sure that "They" was meant to refer to the Government. The Government could most certainly pass laws (or enforce existing laws) that put people in jail for accepting stolen or "dirty" coins. (Just like the Government could pass a law or re-interpret existing laws to make making owning bitcoins illegal.)
I feel confident that any major state actor could completely disrupt the bitcoin market. In traditional banking the government wants to maintain the value of its fiat currency. But the government doesn't care one iota about the value of Bitcoin except potentially for its own nefarious purposes.
This is assuming that Bitcoin wasn't invented by a government in the first place. Cryptos have a strong benefit to central authority in that they are simple to track flows of money, it's impossible to play a shell game if you can check the block chain. It becomes very easy to check the full transaction history of someone if you find out their addresses. Here is an NSA paper on cryptocurrency that came out in 1996
https://groups.csail.mit.edu/mac/classes/6.805/articles/mone...
It cannot if you own your own keys. "Not your keys - not your crypto". Of course if you let some other entity to hold your keys, you're basically just using a bank, which has its own benefits, but I was talking about the unique ability to handle your keys, which crypto provides, as opposed to any other electronic money system to date.
Doesn't this just show that Bitcoin is worthless in comparison to a state-backed fiat currency? It doesn't matter if you have all the bitcoin in the world, the US government has more violence at its disposal than you could ever buy, and ultimately violence is the only thing that ensures the ownership of anything. If a government wanted something from you they could just take it, that's the real reason that the money they print has value.
Fortunately those of us who live in the United States also have the protection of the U.S. Constitution, which provides a glimmer of hope that we can seek restitution when the government deploys its violence illegally. Who knows how much longer that will hold up though...
The Constitution is a piece of paper, it does nothing and protects no one. The real thing that is protecting you is the same thing that always has: the good will of your common man. The real power has always lied in the beliefs of the people and always will, and if you can’t have faith in that you can't have faith in anything. We all live at each other’s mercy. Any system that doesn’t have trust in each other as its fundamental basis simply can’t last.
This is the part which confuses me about Bitcoin the most. It's meant to be anonymous, yet with some diligent data mining, it can become pretty clear who's who from their spending patterns by observing the ledger. How is that remotely anonymous?
I don't think it was really "meant to be anonymous". The original whitepaper at https://bitcoin.org/bitcoin.pdf has a section on privacy, which mentions that public keys can be kept anonymous but acknowledges that all transactions are announced publicly:
> The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party. The necessity to announce all transactions publicly precludes this method, but privacy can still be maintained by breaking the flow of information in another place: by keeping public keys anonymous. The public can see that someone is sending an amount to someone else, but without information linking the transaction to anyone. This is similar to the level of information released by stock exchanges, where the time and size of individual trades, the "tape", is made public, but without telling who the parties were.
> As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. Some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner. The risk is that if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner.
Recently there are newer cryptocurrencies like Monero and ZCash that focus specifically on anonymity/privacy.
There’s a lot of different veils to privacy in transactions.
There’s the IP record of the user hitting the server that processes their request (it might be your own box if you’re storing the whole chain yourself but most people use thin clients). Then there’s the list of inputs (cryptonote based currencies like monero use ring signatures which provide obfuscation but not binary privacy). Then there’s the list of outputs, which may be able to be linked to inputs revealing the transaction graph (zcash helps solve this with their circuit proving technology, but it’s limited in temporal scope by the fact that there’s a transition between transparent and hidden addresses). Then there’s the amounts of a given transaction (modern cryptocurrencies use range proofs to conceal the amounts but older currencies don’t).
To recap, there’s access information like IP, transaction information that can be used to reassemble the transaction graph, and balance information which, again, can be used to reassemble the transaction graph. The broad point is that if you can assemble the transaction graph, any additional information, like a list of known addresses, will severely deprecate the privacy of the entire system.
There are potentially ways around this, but they all involve breaking transaction linkability, which is fraught with peril for a variety of reasons (such that no currency has actually achieved this in a meaningful way so far).
Unfortunately, Bitcoin (BTC) is not anonymous, as you pointed out. It never was; and with tax laws requiring copious transaction information, it is particularly easily traceable.
That's the idea behind Monero & Co., which tries to mix things up a bit (literally). The anonymity is still not perfect, especially against state-level actors.
I haven't heard of PirateChain. However, the state-level threat model includes things like taxes, where (e.g.) people in the US have to report every transaction they make.
If most people report their PirateChain transactions, amount in, amount out, then the problem is that unreported transactions would stick out and would probably be associable with wallets. Am I getting this wrong?
A requirement to report taxes is not normally thought of as a threat to privacy coins per se. And the whole privacy coin thing is modelled on the belief that the state has no business knowing all your financial details.
The IRS considers Bitcoin an asset. Every time you buy/sell goods with Bitcoin or just plain buy/sell Bitcoin, you have to report that as if you were buying/selling any other asset, like stocks. So most Bitcoin transactions will be subject to capital gains tax.
Please correct me if I’m wrong — does this fact not imply that any attempt to actually use cryptocurrency as a currency to buy and sell goods (I.e. how we currently commonly use USD) is completely impossible, since the capital gains taxes will cause everything to cost substantially more?
The tax is only on the gains of the worth of the spend Bitcoin. If you buy a Bitcoin and immediately spend it on something, there will be no gain, so $0,00 taxes.
If you bought a Bitcoin when it was $5000 and you spend 0.2 Bitcoin today (now they're ~$10000 a piece) you would need to report $1000 of capital gains.
You could argue that would make your 0.2 Bitcoin / $2000 purchase cost more, because you have to add the tax. On the other hand, if you sell those Bitcoin later, you would have to pay those capital gains tax anyway.
The story does become a bit more complex when you factor in long-term vs short-term capital gains tax.
In the US, all transactions to/from a financial institution of $10,000 or higher (including cash) must be reported. Same applies if multiple transactions on the same day reach that limit. So all attempts to cash out will be hard to avoid tracking. Also, attempts to structure transactions to avoid this, like $9999 per day, is illegal with jail and fines applied.
Bitcoin can be anonymous though in certain use-cases. You can create a new bitcoin public/private key pair on a computer that has never (and will never) touched the internet. Once you send the coins from an address to this new address, the network will now know the IP address of the sender, but it won't know anything about the unknown recipient.
It knows that in some way/shape/form the old address is associated with the new address, so most likely it is the same entity, or a transaction partner. Bitcoin is not supposed to be anonymous, and very unsuitable for use-cases where you want any kind of anonymity guarantee.
But it can be used anonymously and probably in some industries is still used anonymously. A counterparty that is willing to swap anonymously acquired and sent altcoins for Bitcoin can provide a privacy conscious individual with anonymous Bitcoins.
If using proxy-chains, Tor, or a real person in another country to broadcast your trade isn't your cup-of-tea because you don't trust them, there is still another less practical way. If you secretly give someone your Bitcoin private key (for example: written on a small piece of paper), you can give or trade those Bitcoins to someone without the network knowing about the transaction.
>so most likely it is the same entity, or a transaction partner.
Conceivably, the transaction could be broadcasted from an important individual's hacked phone or computer without a trace. This is where being innocent until proven guilty becomes important.
> A counterparty that is willing to swap anonymously acquired and sent altcoins for Bitcoin can provide a privacy conscious individual with anonymous Bitcoins.
Not if amounts are tracked, rather than addresses. "oh look, this gal X just lost 5.3876BTC and gained 3.76549ALTCOIN, and this other dude Y just gained 5.3876BTC and lost 3.76549ALTCOIN. Geeze, I wonder if they traded."
And with the proper graph theory tools, much more complex interactions could be tracked.
The first problem here is that there is no link between the identities across the two currencies. You don't know that X lost some BTC and gained some altcoin. You just know that some BTC was transferred from X to Y and some altcoins were transferred from Z to W—completely different addresses. You also don't know precisely what exchange rate was used, and a privacy-minded service would round to a small number of significant digits (5.4BTC for 3.8ALT) rather than using exact, traceable figures. A proper mixer would probably also use fixed denominations and send each piece to a different address over a randomized timespan.
It's still not immune to tracing, obviously, but it's a much harder problem than just looking for symmetric transactions.
The simplest system, though, is probably just to spend some BTC renting time on a mining rig. It doesn't have to be profitable, just break even. Newly mined bitcoins have no official history to show who paid for the mining.
> It's still not immune to tracing, obviously, but it's a much harder problem than just looking for symmetric transactions.
"And with the proper graph theory tools, much more complex interactions could be tracked."
> The simplest system, though, is probably just to spend some BTC renting time on a mining rig. It doesn't have to be profitable, just break even. Newly mined bitcoins have no official history to show who paid for the mining.
> "And with the proper graph theory tools, much more complex interactions could be tracked."
So you've said, and I already agreed that it isn't impossible. But do you have any real-world examples where someone followed reasonable OPSEC (fixed denominations, mixers, randomized timing) and still had their transactions successfully traced via these "proper graph theory tools"?
Who would have published such an example? When we deal with opsec, we have to consider what is possible, rather than what has been done in the past. We have to do better than merely "locking the house after the thief has gone".
Typically that would be either the academic researcher attempting to prove that their investigation technique works, or the prosecutor looking to use the results of such an investigation as evidence in a trial.
> When we deal with opsec, we have to consider what is possible...
Anything is possible. Even ideal encryption algorithms—other than one-time pads—have some non-zero probability of being broken within a reasonable timeframe by a brute-force search, but that doesn't make them useless. As long as it's not cost-effective to trace the transfer, that's enough. It doesn't need to be mathematically impossible.
> or the prosecutor looking to use the results of such an investigation as evidence in a trial
I'm inclined to believe in the possibility of parallel constructions being used to cover up the best sources of intel.
> Anything is possible.[...] As long as it's not cost-effective to trace the transfer, that's enough. It doesn't need to be mathematically impossible.
And here, I think it is probably cost-effective to come up with that technology, because it would allow tracing people and transactions that might otherwise be impenetrable. And, if that were the case, I don't have a hard time imagining that it would be of utmost importance to keep such technology under wraps.
But again, at this point it seems like we're comparing pessimism to optimism.
> I'm inclined to believe in the possibility of parallel constructions being used to cover up the best sources of intel.
So am I, to a point, but even if they prefer not to disclose their actual methods (and are willing to commit perjury) they can't exactly hide the results. And others wouldn't have any incentive to keep their successes hidden.
> ...I think it is probably cost-effective to come up with that technology...
This isn't a matter of "technology" where some R&D spending up front is likely to lead to a method of cheaply tracing funds. If such a method existed then the system would indeed be broken; it would be akin to finding a critical weakness in an encryption scheme. Barring design flaws, however, the idea is to make all the transactions look the same so that even using your best graph theory tools you can't narrow down the possibilities enough to reasonably investigate all of them. That's what I meant by "not cost-effective": When there are 50 transfers that fit the parameters then you can investigate them all, but if there are 50,000 plausible trails to investigate then that effort would only be worthwhile in very high-profile cases.
> If such a method existed then the system would indeed be broken
Yes, I think that is the fundamental problem with depending on 'mixers' against state-level actors. We both agreed earlier that the tech is theoretically possible. It seems like we're disagreeing about whether someone exists who is motivated enough to build the tech, and whether that person is also motivated to keep their tech under wraps.
> the idea is to make all the transactions look the same so that even using your best graph theory tools you can't narrow down the possibilities enough to reasonably investigate all of them
I just don't get the impression that it's successful. There's a lot of 'metadata' that could be used to narrow the candidates down: geography, time, transaction amount, method of accessing the exchange (API / browser / desktop app ), age of wallets - I don't know which is specifically relevant here, but there's a lot of similar information which could be used to narrow the possibilities down, and most of it could probably involve 'fuzzy logic'. I just don't think that a threat model which includes state-level actors should ignore the possibility that transactions could be traced through mixers.
By the way, I'm really enjoying this discussion. Thanks for playing. :)
If you want an anonymous currency check out something like Zcash or monero. They use some fancier crypto to obscure transaction inputs and outputs, which gets you a bit farther towards being anonymous.
Bitcoin has and always will be a way to cut down transaction costs, cutting out the middle man ie cutting out the banks. To do that, everyone has to be able to audit every transaction and verify authenticity of a transaction. In this way bitcoin is anti anonymous, always has and always will be.
The entire history of every transaction between every wallet is visible. This means if someone knows your wallet ID (i.e. you bought something from them and shipped it) they know exactly how much bitcoin you have in that wallet.
Some people try to be anonymous on it, but as some of the drug dealers on Wall Street Market found out, that's pretty hard to do. Law enforcement was able to track down some of them by tracing their bitcoin transactions.
>It's meant to be anonymous, yet with some diligent data mining, it can become pretty clear who's who from their spending patterns by observing the ledger. How is that remotely anonymous?
It's not anonymous anymore. Transactions are being tracked to the ip addresses they originated from. This tracking has been going on since 2014[0]
From the article:
>But there is no top-down coordination of the Bitcoin network, and its flow is far from perfect. The Koshys noticed that sometimes a computer sent out information about only one transaction, meaning that the person at that IP address was the owner of that Bitcoin address. And sometimes a surge of transactions came from a single IP address—probably when the user was upgrading his or her Bitcoin client software. Those transactions held the key to a whole backlog of their Bitcoin addresses. Like unraveling a ball of string, once the Koshys isolated some of the addresses, others followed.
>
>Ultimately, they were able to map IP addresses to more than 1000 Bitcoin addresses; they published their findings in the proceedings of an obscure cryptography conference. ....
A key feature of Bitcoin is its transparency, because it's an open ledger accessible to anyone. The intent of Bitcoin is not to be anonymous, it's not a feature the designers were trying to a achieve.
if I have a wallet on my computer and send it to your wallet on your computer that would be anonymous.
it's when you connect the transaction to some bank (like, when you transfer from the wallet on your computer to Coinbase where they have your tax ID number, then withdraw to your real-world bank) that it can be so easily traced.
but if you just keep some btc in a wallet and do business out of that it's effectively cash. even if you bought bitcoins on Coinbase then transferred to your local wallet, once it leaves Coinbase the wallet ID itself doesn't have anything tying it to the laptop in your friend's basement in Brazil. from there who knows where it goes, I just bought pizza with it officer idk what the guy who sold me the pizza spent it on
a transaction ledger itself isn't inherently identifiable. otherwise we would know who just transferred $1B+ in this article and not have a bunch of comments wondering who it is lol
Bitcoin was never meant to be anonymous. It was designed to be stateful. The only information that is visible is the wallet address. And if you work at it long enough you can tie that back to the owner. It’s more anonymous through obscurity.
Now, there true anonymous cryptocurrency but bitcoin isn’t one of them.
Those alternatives require a durable namespace for 'targeting' your communications: a phone number, email address, physical location the pigeon arrives, etc.
Bitcoin can be used with novel targets (receiving addresses) for each uniquely received transaction: i.e. instead of having one bank account with all your transactions, each transaction is in its own anonymous bank account. By doing this, outsiders cannot know that two transactions are owned by the same person without that owner otherwise revealing the association via co-mingling funds or revealing ownership off-network (ex. sending to exchange that does KYC+AML).
You can be careful to not comingle funds or participate in KYC, but you have no forward security --- the person you paid (or their successor payees) can always comingle funds or participate in KYC. At which point, they may recall you paid them.
Also, I can't imagine it's very convenient to manage a large number of separate keys.
The ledger does not record in person transactions. Theoretically, I can hand you a USB stick containing BTC and no one would know until it is sent to another wallet.
From the top twitter comment:
> 0.06BTC in fees? Why so expensive?
Just gotta say, its pretty amazing we live in a world where 1 billion dollars can get transferred pseudo-anonymously in a reasonable time frame, only costing the transfer party $600. As a really stupid, non-real-world comparison, Western Union has a transfer limit of $2500 per transaction, and a $20 fee per transaction. If you were to initiate a $1,000,000,000 transfer it would take something like 400,000 transactions costing you something like $8 million dollars in fees.
International wire transfers between USD accounts usually cost about $25 regardless of the amount.
There's a lot of dollars moving around in the global financial system quickly and affordably, Bitcoin advocates just don't seem to know about it for some reason.
International wires are a bad example because they charge a huge FOREX spread. For a high-ticket transfer, you'd need to use a brokerage for the exchange first, which is also very cheap, but a bit more than $25 ($20 per million at InteractiveBrokers). Then a very cheap domestic wire for the last mile. Or, for small-ticket transfer TransferWise is around 0.85% for the whole exchange.
International banks are happy to open USD denominated accounts if you're a business or a private customer with a bit more than just paychecks and bills coming and going. Then you can send and receive USD with no exchange fee.
If you need to spend it locally, you still need forex at some point — but that's a much more predictable proposition than going from the wildly volatile BTC to local currency.
Depending on the regions, you can do tricks with your investment account too— Norbert's Gambit is the famous one for cheaply moving a lot of money between USD and CAD:
Is Norbert's Gambit anything but theoretical? It sounds like a guaranteed way to lose money.
Given the tick size, crossing the spread with this ETF is going to cost you around 10bp alone. Never mind that this ETF only holds $45m in assets - you're only going to be able to get a very small amount without eating through price levels. On top of all this you have to carry 3 days of currency risk?
I'm sure other online discount brokers are similar, but I checked Interactive Brokers, since I'm a customer, and they charge max 0.2bp fees, the spreads are around 1bp and there's no currency risk.
Are you in the US? While I've never personally done Norbert's Gambit my understanding is that it's extremely popular for Canadian investors to do if they want to get USD. Might not be vice-versa.
The most common use case I'm familiar with is within RRSPs, as there is sometimes a tax advantage to using US-listed ETFs within them. Most brokerages charge 1.5-2% to do currency conversion so it would be a lot better deal to do Norbert's Gambit to get USD trading funds.
I'm not in the US but there are probably even more online discount brokers operating in the US and Canada so maybe it's a tax efficiency thing?
Paying 1.5%-2% for FX conversion between two major currencies is very expensive unless the sums are small. The last time I converted currencies using a discount broker - including all costs I was charged less than .1% compared to the mid-market rate at the time.
You'd probably be best served to just go through an investment bank. FX market is relationship driven unlike the stock market. You don't have any of the trading relationships with the huge players in the market, and probably never will. The cost in time and money to participate in these markets vastly outweighs the paltry sum the traders are making on your transaction. Solicit quotes from multiple counterparties, pay attention to the institutional rates, and make sure you aren't getting screwed too badly.
Did you miss the part about it being anonymous(pseudonymous)? Also did you consider the fact that it circumvents any government regulations / oppression / sanctions that parties involved in the transaction may have been subjected to?
Bitcoin advocates know very well that centralized systems are faster and more efficient, that’s just the trade off of actually owning your assets. Right now you own nothing but some promise in some database controlled by bunch of potentially corrupt individuals governed by potentially repressive institutions.
>Right now you own nothing but some promise in some database controlled by bunch of potentially corrupt individuals governed by potentially repressive institutions.
To be fair, people[1] have raised the question of whether bitcoin is manipulated by people who have printed other types of currency without limit, which implies practically nobody understands how bitcoin works.
Also Tether is special case - it’s not unrelated altcoin, it’s supposedly stablecoin bound to BTC.
“Supposedly” because no proper audit of tether assets and liabilities was done and there is little transparency.
Counterargument is that if tether is insolvent, it would affect Bitcoin but only to some degree.
Here’s the logic: if tether was printed without backing to buy and prop up price of bitcoin then somewhere somebody is sitting on a pile of USDT which they will want to get rid of. You can get rid of USDT by asking tether to buy them back from you for USD or you can trade them on the market for BTC. Assuming tether goes dark USDT owners will be forced to sell USDT at discount creating even more buy pressure for BTC. The whole thing will be a huge debacle and incur some damage to BTC but ultimately it’ll be perceived like one more exchange scams - not your keys not your Bitcoin, trusting that USDT can keep USD parity is purely on you.
Bottom line is - people are being manipulated, not Bitcoin. Bitcoin will continue to live up to its promise - distributed open ledger and transaction platform, solving consensus problem via proof of work and there will only ever be 21 million of them.
That’s like manipulating value of USD by printing more Euros. Sure it has effect because economies are interrelated by it can’t be sustained - Euro will be worth nothing eventually.
But not all international transfers are USD to USD. Anytime there is an exchange of currency the banks involved take their own cut on the exchange rate.
Many people cannot access bank accounts that allow this sort of transfer and thats why Western Union etc exist, they charge a % of the value being transferred as well as a flat fee.
I think you're confusing the real-world version of you that has to pay $20 per transaction with a hypothetical billionaire version of you. People moving large amounts of money around don't do 400,000 transactions at $20 a pop.
Do you really think people use 400,000 transactions costing $20 apiece to move large amounts of money? If you keep a billion dollars in a bank account (!) you can simply call your private banker and have it done with no fee.
My US bank account has zero transaction fees and if I had this kind of money I do not see why I could not transfer for zero fees (don't see a limit anywhere). And if making smaller transactions, apps like Venmo can transfer money both instantly and free (unlike Bitcoin).
Banks typically treat billionaire customers differently too, it's absolutely ludicrous to think they'd have to use hundreds of thousands of transactions (let alone pay for them!).
Maybe. Having worked in the wire room before, that is not inaccurate. That said, transferring one billion would require advance knowledge, multiple signoffs, and adjusting permissions for people. Depending on the institution the payments may have to be split, but odds are the bank would eat the cost to maintain that relationship.
I run a VC fund. We move store money around in large amounts (6-7 figure transfers, 7-8 figure balances). Our bank loves us and doesn't charge us any fees for anything ($0 wires etc). Having millions parked with them allows to lend the money which is how they make their revenue. They don't care about fees.
In the case of China, hundreds of thousands of transactions is too many, but it is apparently routine for transfers of money outside China to be done in a large number of small transactions due to the legal per-person limit on transferring money outside. (And yes, since it's a per-person limit, not only do you need to do a large number of transactions, you need a new cooperator to put their name on each one.)
Well if I were to show up at the bank wanting to transfer $1bn I am sure I would get all kind of stares, but can not see a technical reason why they would not be able to do it. Difference with Bitcoin is you can do it completely anonymously, for all the good and bad things that go with that.
Except we're all out here talking about this and no one knows what other $1bn transactions have occurred in the banking system today so we're not talking about those.
He means anonymous from bank actors and state actors obviously. When you transfer money with a bank or wire service they know who you are and who you are transferring money to. Nobody afaik, knows who either of these wallets are held by.
No dollars were transferred. If you want to convert it to actual things you can spend you have to pay an exchange at least 1% on either end. You're comparing moving around intermediate representation to something you can actually use, like a bank moving bits around in its internal ledger. WU is not a good comparison for large-quantity FOREX, InteractiveBrokers is one of your many options, and they charge a commission of $20 per million, which is at most a $20K fee not an $8M fee.
With that in mind you seem to be conflating a FOREX transfer with a bank-to-bank transfer which you can use a $30 (or as cheap as free) wire to more the whole billion instantly.
> No dollars were transferred. If you want to convert it to actual things you can spend you have to pay an exchange at least 1% on either end.
Actually, this isn't true. That's the lowest-cost way of converting the bitcoins to actual things. But if you don't want to interact with an exchange, you have enough BTC that you can easily find someone who will just take your payment in BTC and take on the job of going through the exchange themselves.
It still has to exit and you can’t discount that cost. Nobody will sell you a house for BTC and not exchange them for dollars. That means nobody will sell you the house for face value. You’re still going to have to discount the sale price to cover the exit costs unless you have data that shows otherwise.
For instance, if you came to me and offered me either $500K in dollars or $500K worth of BTC at today's prices (good luck defining that with volatility) I'd say sure, for $550K worth of BTC and I'll exit it immediately. Well, probably not, because I'm sure that BTC is either dirty or avoiding taxes and that's not a conversation I want to have with the IRS/FBI, but that's why you'd have to pay me so much more.
yeah if you look at https://jochen-hoenicke.de/queue/#0,1w , you'd see that anything above 20 satoshis/vByte would be overpaying[1]. the transaction in question paid 400 satoshis/vByte.
[1] ie. anything at that rate or greater would confirm in the next block, so there's no difference in paying more
It might. It depends on the status of the network at the time. If there is a significantly large unconfirmed transaction pool backlog and a transaction is made with a low enough fee then the miners may simply ignore the transaction for long enough that they let it expire and drop it completely. Theoretically, that transaction still could be confirmed at any time in the future, but, practically, it won't be. So, most wallet software will stop displaying an unconfirmed transaction after a number of days, returning to a pre-transaction available balance.
This got me thinking. I believe I saw last year where there was something like over 200k unconfirmed transactions on the blockchain. Right now it says 5000.
So, what is the minimum amount you could send with a proper transaction fee? Could someone flood the network with millions of unconfirmed transactions?
you could but if you wanted them to stop others from using the chain it would be pretty costly. if you didnt provide a fee then they go to the bottom of the list to get mined and some miners might not even bother
Yeah, looks like $1 would've probably been enough fees for this transaction to be confirmed within a reasonable timeframe (less than 10 blocks, ~a few hours).
>Just gotta say, its pretty amazing we live in a world where 1 billion dollars can get transferred pseudo-anonymously in a reasonable time frame, only costing the transfer party $600.
I'm quite sure the banking system could do the same, no problem. These are not technical limitations, they are regulatory. It's controversial enough whether any human actually needs a billion dollars, let alone the freedom to move/spend it however they want with zero oversight. But that's just me.
I don't have any experience with billion dollar transactions, but I am confident that people who do them as a matter of course don't incur 400,000 $20 fees each time.
I am not sure how bank handle such large transactions (100 milion+), but transferring millions is very cheap or for free - at least with standard IBAN within EU.
A large corp-to-corp (or even person-to-corp) transfer does have a lot of money involved (accounts to figure out taxes, lawyers if it's for buying or selling major assets, possibly international tax experts, maybe even an escrow service if it's between say a EU company and a Chinese company where they might not trust the other nations court systems).
And then the bank might charge a fee too, although I suspect with accounts that large, banks would do what they could to minimize fees since that much capital helps them with loads/interest.
$1 Billion USD at current prices. Having said that in the current SWIFT or any other legacy payment rail, there is no finality in transactions until 30+ days.
Not only that, is that you would have the Eye of Sauron quickly looking at you for moving such quantities especially if it were a private individual or some smaller group that isn't all registered with the powers that be.
The actual people who transfer $1 billion between each other (financial institutions, large corporations, and private investment vehicles) don't pay any fees either.
When you move $1B from one financial instution to another, the receiving end will payyou to choose them over their competitors, as well as provide other incentives.
This was probably an internal transfer, but if it was payment to someone, something interesting then occurs.
It then becomes valuable for the original owner to secretly mine a chain, attempting a 51% attack. They could run the attack secretly for up to 40 days and still make a profit.
So you'd really need to wait 40 days before you can be sure this transfer is safe.
But it gets scarier, if at the end of the 40 days a longer chain is submitted, all transaction since this one would be reverted too.
So when giant transfers happen, all transactions are vulnerable to long term 51% attacks. So all transactions sent now on Bitcoin aren't secure until this 40 day window has passed.
Of course, I don't think that's the case here, it was probably someone moving his own coins around, not a payment to anyone.
Only if the attack is from the outside, which is not a requirement. It's not mutually exclusive.
The miners who control the bitcoin network are already centralized on a handful of organizations in China. If they colluded on this attack they would take over >51% of the network because, hey, they already own and operate most of that computing power you're eluding to.
Edit: There is also no evidence that the price would plummet from this, and given the history of theft, scams, forks, etc. involving bitcoin that do not drastically affect the price, I don't think it would either.
Doubtful. The bitcoin community would react how it usually reacts towards large thefts or scams: blame the victim. I.e. It's their fault for not understanding X, doing Y, or having Z security; in this case the fault being having that much BTC in one wallet and one transaction.
No, because future attacks wouldn't get any easier. One successful attack is just one successful attack. If your transaction is not worth a billion dollars, you're safe.
It's quite possible, as long as the cost of the current ASICs out there is less than a billion. You can match the current world rate and secretly mine. It would be a combination of buying your own miners and renting hashrate, but mostly it would be renting. Maybe paying a big mine to do it for you.
When I saw the initial math, they said 40 days. But that doesn't include the fact that as you buy hash power, it's price would go up. But to secretly mine for a week before reorganizing the chain would be very possible with this amount of money.
I wonder if you could put in a checkpoint system. And if that could even be decentralized.
I did some quick math a while ago on the cost to buy 51% [0].
When I did it the network hashrate was 44,000,000 TH/s and if you could buy enough S9i's to the same low price, it would cost you around $650 million. This is excluding any other infrastructure you'd need and of course the power you'd use to perform the attack. And since I did the calculations the hashrate has -doubled-, making it cost quite a bit more than a billion.
Now maybe you can get off cheaper if you try to rent the hashrate. Around $18 million of BTC is mined per day, say you can get 50% for $10 million per day. So yes maybe you can do it for 40 days, if you want to risk a large part of that billion. And face the quite massive risk of tanking Bitcoin's value or facing devs who might launch a "protective hard fork".
(This is assuming you -can- buy or rent enough hashrate, which is very uncertain).
There are checkpoints in BTC, although they haven't been added since 2014.
By the time you could source that many S9is, the hash rate would be higher, requiring you to source more, at which point maybe newer and better chips have come out, raising the hash rate yet again, making your investment worthless.
Buy it wouldn't exactly be a secret if you're paying a big mine to do it, or if you purchased every available mining ASIC out there at once (and found enough electricity/cooling to run them all).
If the bad actor already exists on the network then it is possible. No new adversary is going to be able to procure enough mining equipment and get it running in a small enough time frame, however an existing miner doesnt need 51%, they only need 51% - their own hash power.
Such a 51% attack is much more expensive in Ethereum 2.0 vs. Ethereum 1.0 and Bitcoin:
The cost profile of a repeated 51% attack in [Ethereum 2.0's Proof of Stake]
is as if “your ASIC farm burned down” with each additional round.” ~Vlad Zamfir
And 95% of techstars blockchain applicants are building on Ethereum
For all the fud that is doing the rounds about Ethereum...
of the hundreds of applications I receive from blockchain
startups to join @techstars, 95% are building on Ethereum.
There hasn’t been any significant shift to other chains in
what I’m seeing on a daily basis. [1]
So this kind of potential 51% attack is likely to become less relevant for blockchain applications in general. Of course Bitcoin doesn't benefit from these improvements. Bitcoin may one day even reside within Ethereum.
>It then becomes valuable for the original owner to secretly mine a chain, attempting a 51% attack.
Depends on how able the injured party is to retaliate. In ordinary life, bouncing a check often results in actual or threatened legal action. Disputes between criminal organizations are sometimes settled extrajudicially. So I would not expect the sender to attempt a double-spend if the recipient has the capacity to respond either legally or illegally.
Imagine how much money you could make by creating a bogeyman bitcoin wallet!
Step 1, Consolidate 94,000 BTC into one single address the entire crypto world is now watching.
Step 2, Send 1,000 BTC from bogeyman bitcoin wallet to exchange crypto wallet.
Step 3, Freak the shit out of the market. Promptly sell the entire lot in one single market sell order.
Meanwhile you've got another 50,000 BTC or whatever sitting on contracts leveraged with 100x margin in a short position across multiple accounts... essentially netting you 100,000 BTC profit if you can manage to tank the price just 2% on the 3 funds that Bitmex follows to create their index price... and you totally would selling 1,000 BTC at once from a well known superwallet.
Rinse and repeat... Eventually, I imagine you wouldn't even need to sell the coins on the exchange... just moving them there would be enough... (which would probably be illegal at least in the USA, see below)
And when the market gets wise... and everybody else starts shorting the price when you move your coins... you BUY 1,000 BTC in a single market order... stop hunting everyone's "sure things" (with mostly tight stops) and probably making you 500% return on a 5% move the opposite way... placed on longs of course.
(I am working on an algo bot, I think about this kind of stuff all day long!)
I had better start saving!
Side question... would this be legal? Moving the coins to exchange, signalling that you were going to sell based on precedent, and then not selling would be illegal by the nature of equities laws on fake bid or ask walls to move the price... like some trader at goldman was just arrested over for doing the same in the gold markets.
But just selling a lot of coin while you have another lot of coin in short positions would be perfectly legal, right?
I'm not a trading expert but I guess smarter and richer people/entities will probably also run bots and a whole lot more complex trade monitoring and market making strategies or algorithms.
In your example, somebody interested in keeping the price at or above a certain level and that has a couple of million to waste on that could potentially place a 900btc buy wall as soon as you managed to market sell the first 100 of your 1000 and so you'd sell the rest into the wall and not move the price as much as you'd wish. And market psychology is a strange thing that could actually even make the price move in the other direction as thousands of traders would see the huge buy wall and assume the price could only go up and therefore buy more to go long which would increase the price even more.
If that or similar happens then your "shorting at X while dumping at Y" strategy won't be as successful as you would expect and you might just end up dumping your 1000 btc at mostly the same price. 1000 btc is a lot of money for most people but not that much on a daily bitcoin trading day. Even the 1 billion dollars in bitcoin isn't really capable of damaging the market all that much as most alarmist articles made it seem once this transaction got noticed imho. Remember that there are/will be about 21 million bitcoins.
I'd say its safe to assume that whatever "big idea" one has to manipulate trading or financial markets has already been thought of, implemented, tried and failed or succeeded to some varying degrees, especially on deregulated crypto markets.
No this would not be illegal under spoofing laws as you haven't posted a bid or ask.
What you described would work if the goal was to obtain more bitcoin. If you want more dollars this strategy carries to much risk and this is distinctly a long bitcoin strategy.
Now add some hedging in the futures market and now we’re talking
I worked in the trading dept of a large hedge fund and this could easily be them, or someone like them. They regularly traded several billion in bonds, currencies and short rates each day and just aren't used to those trades posting publicly (outside the exchange). I can see them seeing this Twitter thread, scratching their head and wondering, "what's the big deal?"
In the fixed income, currency and money markets a billion dollars is not a lot of money -- and yet a billion dollars IS ALWAYS a lot of money.
I used to work on the repo desk of a primary dealer. One role of the repo desk is that it finances the banks position. We might hold $50 billion of bonds, but $40 billion of that is borrowed with the bonds as collateral.
One day because someone had keyed in a start of day position wrong -- off by a billion dollars -- 20 minutes before the FedWire closed for the day, I got to watch 2 traders get on the phones and borrow a billion dollars in 20 minutes, without letting our counterparties know that we were kind of desperate.
Had they failed, the bank would have had to go the the Fed, discount window and borrow $1 billion overnight at the discount rate (which would have been substantially more than we were paying in the repo market.) Additionally, it likely would have triggered process audits and incident reports which would have been far worse than the interest.
> Had they failed, the bank would have had to go the the Fed, discount window and borrow $1 billion overnight at the discount rate (which would have been substantially more than we were paying in the repo market.) Additionally, it likely would have triggered process audits and incident reports which would have been far worse than the interest.
> because someone had keyed in a start of day position wrong
I know basically nothing about this area, but I'm curious why what appears to be a mistake in data entry needs to be fixed by actually borrowing additional money, as opposed to issuing a correction. If you have the amount of money you're supposed to have, why is it so dire that you published a typo?
We had $X billion dollars in bonds we needed to finance, that day. The traders thought they had to finance $X-1 billion dollars.
We had good collateral to borrow the the money, but it was the money we needed.
The legal-books-and-records system gave us the right starting number. The transferring it to the trading-book-dashboard was a manual process. So they traded all day based on the wrong number. No one noticed until operations called the desk with about a half hour left in the trading day to say “Do you guys realize you’re short a billion?” Ten minutes to figure out what went wrong. The clerk who keyed in the wrong number didn’t get dinged that badly, cause 8-9 people saw both numbers and no one else noticed.
I think the big deal compared to those normal hedge fund trades would have to do with relative volume. Trading in bonds etc., a billion is relatively small and unlikely to move markets very much. In Bitcoin, a billion is a bigger deal, representing a larger chunk of the whole, and buying or selling that much has a much greater potential to move the market.
There are 17 964 063 bitcoin[0] in circulation which means that this transaction accounts for 0,5261% of all Bitcoin. I wonder how common transactions that account for one half a percent of total markets are.
There is how many have been mined, and are an upper bound of that many bitcoin in circulation. Some of it is stuck with forgotten addresses and passwords, so some are just gone- I think bitcoin won't be used by the time we have enough computing power to track down dead addresses and crack the passwords.
Also, the short term price sensitivity of bitcoin is related to the depth of the order book and not the total market cap of coins. Someone placing a sell order at market rates for 94k bitcoin would wipe out the order books and the price would go way down, and take quite a while to recover. To sell 94k bitcoin without nuking the price they will have to sell at a slow trickle.
As far as the fees being so cheap, and every one else guessing about how expensive it would be to do it in a normal banking situation, F. Scott Fitzgerald is relevant:
"Let me tell you about the very rich. They are different from you and me. They possess and enjoy early, and it does something to them, makes them soft where we are hard, and cynical where we are trustful, in a way that, unless you were born rich, it is very difficult to understand. They think, deep in their hearts, that they are better than we are because we had to discover the compensations and refuges of life for ourselves. Even when they enter deep into our world or sink below us, they still think that they are better than we are. They are different." (The Rich Boy, 1926)
All of the information normal people--like you and me--use to price transactions like this is completely irrelevant. Rich people have access to many services and price structures that are completely different than normal people. Any guess about what it costs to make a transaction like this via normal channels is likely completely wrong (other than "free", assuming they are doing business with the bank in question).
This post appears to me like two paragraphs of correct and important information, cut in two by a seemingly unrelated quote that summarizes to nothing more than "rich people are evil". People with greater wealth having access to certain services and procedures that normal people don't is unrelated to all rich people supposedly looking down on everyone else.
There's a whole thread about interpreting the quote debating whether it paints rich people in a positive or negative light, and amazingly nobody focused on the part that says "they think they are better than we are".
Perhaps that's what the HN audience really thinks of rich people and thus skipped that point? Someone thinking they are better than others based on wealth alone is an unmistakable negative in my book.
Having different values from "you and me" doesn't make people evil.
For most of history, it (mostly erroneously) did. In 2019, this also applies. It's just applied much faster over global distances through the Internet.
Cynicism is definitely a virtue in a certain light. Trust is good for everyone while being bad for the individual, cynicism is good for the individual while hurting society.
Personally I think both extremes are terrible, but leaning on the side of cynicism seems safer.
I read "soft" as more mellow and chilled out, and less stressed about (what seems) trivial stuff. In a way, even kinder. And from what I've read by rich people (such as Diane Disney Miller) cynical is a lot about the difficulty of establishing genuine relationships.
That is how I read it as well. I’d imagine being someone that is cynical and wealthy protects your wealth from forces that would suck less cynical people dry (multilevel marketing, get-rich-from-real-estate seminars, stocks currently riding the wave of the hot rumour of the week).
The irony is that these "they think they are better than us" type posts always to me read with an implicit but unsaid "but really we are better than them." In reality, people are people, and thinking you're better than others is absolutely not something that the rich have a monopoly on. This attitude is rampant in many groups and underlies much of the current hatefulness in the world.
>This post appears to me like two paragraphs of correct and important information, cut in two by a seemingly unrelated quote that summarizes to nothing more than "rich people are evil".
Which is nonetheless both pertinent and important to keep in mind.
Do you know old money? I do, and I also know people with hundreds of millions who grew up in rags. There's nothing incorrect about what the parent poster said.
The point of the quote is to demonstrate that using poor-folk calculations to try and figure out what things cost for rich folk is pointless, and has been for the past ~100 years.
Poor people measure their stuff by its momentary monetary value, rich people measure their assets by their long-term projected intrinsic value. Rich people look for good value, not a good price.
The rich man’s mentality can also work for middle class people if every purchase they make is a long-term well-informed decision, rather than flying with the pop culture of what everyone else is currently buying, wearing or visiting. For example, buy timeless durable unfashionable clothing, buy a used but durable car from which you can extract the best value in the long run, buy products which can be utilised for many purposes, etc.
Note that this is constrained by IRL effects that middle-class people experience that rich people are much less vulnerable to.
With enough money, you can afford to wait for a good deal because you don't need the money right now to live. When you're wealthy, you can brave health issues, accidents, sudden crossings with the law, etc. without ever truly touching the money-in-wait for a good deal. When you're middle-class you definitely don't have as much cushion.
This is similar to the logic of "the best time to buy is a recession", except its difficult to buy during a recession purely because it's more likely that a middle class person's cushion is gone due to economic conditions and thus has no money to buy good deals.
The rich real estate guys I know phrase this as "you make all the money on the day you buy". That is, they want to buy from desperate owners, so that prices are so low they are guaranteed profits. Lots of businesses are more desperate in recessions.
“The reason that the rich were so rich, Vimes reasoned, was because they managed to spend less money.
Take boots, for example. He earned thirty-eight dollars a month plus allowances. A really good pair of leather boots cost fifty dollars. But an affordable pair of boots, which were sort of OK for a season or two and then leaked like hell when the cardboard gave out, cost about ten dollars. Those were the kind of boots Vimes always bought, and wore until the soles were so thin that he could tell where he was in Ankh-Morpork on a foggy night by the feel of the cobbles.
But the thing was that good boots lasted for years and years. A man who could afford fifty dollars had a pair of boots that'd still be keeping his feet dry in ten years' time, while the poor man who could only afford cheap boots would have spent a hundred dollars on boots in the same time and would still have wet feet.
This was the Captain Samuel Vimes 'Boots' theory of socioeconomic unfairness.” ― Terry Pratchett, Men at Arms
It's likely not free (but probably not outrageous either)... Last time I did something like that the transaction cost was small (< €10) but the human element was large due to approvals (think i was in the bank over an hour and it involved 4-5 bank staff to make it happen). Anti-money laundering processes cost money and many of the crypto-currencies ignore this for now / pass the problem to the fiat ⇆ crypto exchange operators.
On the flip side, I saw a payment go through for one our suppliers today. $50 invoice. > $25 processing fee because it was a european bank processing a USD transaction. :/
I can transfer 100k in GBP free too. BACS limit is £250k. Once I exceed that I have to fall to CHAPs which will cost me about £25 and has no limit. Banking is mostly free in the UK.
You're correct, sorry. AIUI there's a higher limit for corps/govs too. Banks often have lower limits than these but I've no doubt they'll lift them if there's need.
For those not familiar, FPS offers 2h (normally instant) transaction speed.
Having bank transfers in 2019 so slow is outrageous. It's the time when trading bots produce millions in a split second. But bank transactions require hours and days. And they dare to call them fast!
Eh, when does it really matter? The only time I care about speed is when buying something, and the more expensive that something is, the less fast it needs to be.
> Anti-money laundering processes cost money and many of the crypto-currencies ignore this for now / pass the problem to the fiat ⇆ crypto exchange operators.
As I understood, traceability is included by-design in Bitcoin. Maybe you didn't see the other comments, but all the bitcoins of this wallet can be traced back to one or several entities. All history of all transactions is available to everyone, so could you explain what do you mean by "ignored"?
Bitcoin to bitcoin might be cheap, but the crypto exchanges seems to take quite a cut when you convert to national currency. Something like 1.5% in the case of Coinbase.
coinbase is far too expensive with their normal options. if you use their coinbase pro product it comes down to .3% for taker transactions or .15% for maker transactions. I never use the regular coinbase
ACH transfers are generally free. I transferred 100k USD from bank A, in to bank B, then out to bank C and it didn't cost me a penny. This was quicker than setting up a link from A to C since B was already linked to the others.
I just recently transferred a similar sum for the grand total of $0. (Actually I gained about a dollar because the banks made initial deposits for me with their own money to make sure the accounts were correct)
People do this all the time, and it's not expensive at all. You can do wire transfers of hundreds of thousands of dollars for a $20 fee. You can get certified checks from your bank for large amounts for free.
Most governments don’t tax money movement (some countries doe have a stamp duty or similar on cheques now, but that’s more about trying to make people stop using cheques already).
I can wire hundreds of thousands of dollars from and into my consumer banking account for free. At work, multi-million dollar wires transfer for free, with an email confirmation and virtually instantly.
Cryptocurrencies are cheaper if you're laundering money or move money around too infrequently to bother optimizing for it.
€100k is in fact the limit on the web form for my bank, so at least if that UI is to be believed, it's not substantially more involved than €5k (I don't have personal experience to confirm however).
What this misses is that these transactions for better or for worse are completely non reversible. You simply cannot do that with a bank transfer as given a good cause transactions can always be delayed, diverted or stopped.
Normal ACH (Automated Clearing House) transactions in the US tend to be free. I can move money from one bank to another bank without any fees. It usually takes anywhere from 1-4 days. This is moving US dollars. Not sure what the cheapest way to move USD to EUR is and likely not free.
This is largely dependent on your account type and bank. There are many types of accounts that will not charge for wires or will only charge on one side (incoming/outgoing) of the transaction.
I don't pay outgoing wire transfer fees on my business account.
Important qualifier on that that's missed for most "the very rich". The "rich" are often quite penny pinchers. My grandfather is "rich" (several millions, and in a very cheap place to live in the midwest) but he lived his entire life being extremely strict on spending and controlled personal finances very carefully. He still complains when there's large money to be spent on something that should be cheap.
I found out that my grandfather was a multimillionaire later in life as well, but I would never have guessed because he lives in an inconspicuous house in a middle class neighborhood and drives an inconspicuous car (Honda CR-V). He complains about milk and gas prices like most people and basically just doesn't telegraph his wealth at all (except by buying exclusively Wheaties as his breakfast cereal).
He grew up during the great depression though, so maybe that has something to do with his miserly ways.
Maybe this is just me, but I don't actually consider having a couple million dollars as "rich", I know a couple folks worth hundreds of millions, and the way they behave are certainly different.
A couple million dollars is a retirement nest egg. You can stop working, stretch it carefully until you die, and leave a small sum to your heirs.
To be very rich requires upwards of $100 million. Then you can access high paying investments which will generate enough income to afford a couple houses, hire help, buy a boat and a plane, and have enough left over after taxes to increase your assets to offset inflation. Actually, if you want a jet plane (with hired pilots, mechanics, hangers, etc) and a couple nice houses (>$10 million each plus staff) in the nicest places (Beverly Hills, Palm Beach, Jackson Hole), you need upwards of $1000 million.
A couple million dollars is more than a nest egg. You can retire immediately and provide for your family and yourself your whole life with that kind of money.
Entirely dependent on location, lifestyle, family status, etc. Yes, with $2m you can retire tomorrow and get something like $100K/year in pretty much guaranteed income not pegged to inflation. (You can argue the numbers but certainly <$200K/year with moderate risk.) And you can certainly live on that amount of money but equally certainly not with an opulent lifestyle--especially if you don't own your house/condo, have college expenses, like to travel/eat out etc.
ADDED: Yes, you're "rich" but not jet-setting in business class at resort hotels, multi-million dollar coastal city condo, eat at top restaurants on a regular basis etc. rich. Which is actually just fine for a lot of people who have no particular interest in those things.
Annuities, high grade corporate or muni bonds, mix in some high dividend yield blue chips, etc. I'd mix with some riskier investments that were higher return on average.
Nothing is guaranteed if things go totally to hell, of course. (And I did make the qualification of not being pegged to inflation.) But unless we get to a very bad place, I think that assuming 5% on these sorts of investments is a pretty safe bet.
(ADDED: But pick your own number. 3-4% probably is closer to the really very safe modulo inflation given instruments like CDs in that range. But you're reinforcing my basic point. $2M is not really the basis for a huge annual income in perpetuity or even over a multi-decade timescale if you don't have other income streams to add to that mix.)
The market return for the past century has been something like 7% (after inflation). If you're investing in time spans longer than 10 years then typically you expect something in that range.
Past performance does not promise future results, and the world could end tomorrow, but it's not a bad idea to plan that you'll get an average of 5%+ on market investment.
(I'll note that you're responding to someone saying "pretty much guaranteed" and dropped that qualifier in your question).
I know about that, I meant besides that. An average return doesn't mean a consistent return from year to year - e.g. $100,000 / year from 2 million. I was just curious how other people would invest to target a high probability of 5% each year.
That is wrong, if you live in a wealthy country. The safe rate of return right now is a few percentage points at best. If it stays like that, and we get inflation, then it is going to be even worse (wealth shrinking happening now depending on tax variables of the retiree.)
$2m invested with 2% real returns is $40,000/y. So you could provide for your family but I think it would need to be pretty frugal and move away from major urban areas. (Maybe buy a 500k house and live off $30,000/y)?
That said I think semi-retire is the best bet. You have $30,000 for existence, and then go and do a gig every now and then for that foreign holiday or home repair or whatever.
You don't have to finish with the same amount you started with. If you aim for finishing somewhere between $2m and $0, you can spend between $40k and $100k per year.
Absolutely, but if you plan on doing this from 30 to 85, say, then it probably won't make much difference, and you might as well save the lions share for medical bills, rainy days or even inheritance down the line.
From what I understand, the thing that changes when you have lots of money, is you can act as an investor in individual ventures that are much riskier, but with a much higher potential payoff. If you can drop $1 million without being ruined if it doesn't pan out, you can multiply your money very quickly when things do happen to go your way.
In fact, isn't that basically the entire premise behind all the VC funds that fuel Silicon Valley?
>isn't that basically the entire premise behind all the VC funds
Which often don't have especially high rates of return.
I don't really disagree with your basic point. At least somewhat higher investments do give you access to a wider variety of financial instruments even if diversified through a third party.
The $1000 guys can afford humongous risks if they're 20 year olds saving for retirement. In fact, if they have a job to live off of, their risk tolerance is going to be far greater than a rich person living off their wealth.
GP said nothing about liquid funds, and this thread is mainly talking about people's life savings.
in this context, one million dollars is really not much. if you have no job or pension, one million in assets grants you the ability to spend about $40k a year safely. you could certainly have a comfortable retirement this way, but it would be far from a luxurious lifestyle.
The United States farm real estate value, a measurement of the value of all land and buildings on farms, averaged $3,140 per acre
While the average farm size has been increasing approximately two acres per farm each year since 2012, the number of farms is decreasing. Today, the average farm size is 444 acres.
444*3140
1,394,160
US average farmer is a millionaire. Go ask one if he feels rich.
Do most farmers actually own the land that they work on? I was under the impression that most farming is done by large companies and that there are not many small independent farmers that exist.
When I was working on farms ( 30 yrs ago ) most farmers were still on property they owned. During that time I saw the shift to corporate farms and I dont know that answer as I have found less labor intensive work.
Most of the corporate structures I saw were family or a combination of family and friends.
I think many farmers are pretty levered. Whether its mortgage on the land or loans for operating capital, to make a decent return on equity you've got to borrow.
What are the implications of only buying Wheaties for breakfast? That doesn't scream wealth to me, but I also don't eat breakfast cereals, so have a blind spot.
Reminds me of a German saying I can't quite remember (something like 'erber, gerber, versterber'). Basically the first rich generation is very frugal because they had to work hard to attain it. The second generation maintains it, not really adding more but not frittering it away either, and the third generation throws it away on ski resorts and fancy cars.
That's also one of the few things I do respect about 'old money': they really drill it into their kids to not be ostentatious and wasteful with the familial wealth, thus escaping the aforementioned trap.
“My grandfather rode a camel, my father rode a camel, I drive a Mercedes, my son drives a Land Rover, his son will drive a Land Rover, but his son will ride a camel” - Sheikh Rashid bin Saeed Al Maktoum
my dad used to tell a story of him working at gas station in italy in the 60's as a small kid, a guy with a Ferrari came by and asked to fill his tank, and when paying there was some not-insignificant amount of change, so my dad asked "so, I'll keep the change, ok?" and the guy replied "You know kid, I have a lot of money, really a lot. You know how I made them? I never gifted anyone anything. Now, hand over that change.."
While I don't disagree that your grandfather was wealthy enough to not worry about things, "several millions" isn't in the same ballpark as the people we're talking about in this thread.
My grandfather was similar. Died a millionaire while never making more than $30k/year. He just paid for things in cash and made sure to always invest. The only luxury he ever spent was on my grandmothers car. Everything else was on a budget and cheap as could be.
I have built up a pretty decent surplus of money for my age. It's not because I deprive myself of things. I buy everything I want. I just happen to not want much. It's all about level-setting.
Spending little money frees up your life from having to earn a lot of it. That trade-off starts looking pretty attractive after you've been chained to a desk for a decade.
Just like most things in life, I feel like it is all about the right balance.
Penny pinching and then dying a millionaire sounds awful, because what's even the point of having all those millions if you lived like you had nothing the whole time? Just a number on some imaginary scorecard?
Wasting away all your earnings and living a life of "luxury" with nothing in your savings is at least just as bad, because if something catastrophic happens, you got nothing.
Gotta strike that happy balance, where you get to enjoy the money, yet still have a substantial chunk of it saved.
> Penny pinching and then dying a millionaire sounds awful, because what's even the point of having all those millions if you lived like you had nothing the whole time?
Building generational wealth for your progeny.
GP said their grandfather died a multimillionaire. That money can go to his children; managed well over their lifetime it will double several times over. And learned frugality on their part means they have an even greater sum to hand to any children they have (like GP!)
And if a catastrophe struck - be it a local one like joblessness or divorce, or a global financial crisis, whatever - grandfather knows that his austerity guaranteed his children shelter, food, and education in the future. That's a powerful reason to make decisions. Hell, in our animal brains, that's probably one of the most powerful drivers of decisions: what should I do to benefit my family?
>GP said their grandfather died a multimillionaire. That money can go to his children; managed well over their lifetime it will double several times over.
The point is, is it worth it if you do not get to enjoy even a part of that at all? What if you don't have children? Assuming there is nothing after death, the personal result of being a penny pinching millionaire vs. just not having that much money at all would be the same.
Your assumption is that cheap living equals unhappiness/misery/etc whereas most unhappiness is caused by the uncertainty of not knowing where your next meal is coming from.
Presumably he had a good family/friends, which is what matters, no?
Investing in your family's future is an incredibly noble/selfless thing to do, it takes real character.
Presumably their grandmother was alive when she was gambling the money away, so I do not see how a will would have helped here :) But a good point regardless, most people with any kind of saving should have one drawn up.
It's not the sole cause, true. But it'd definitely a differentiator. Sort of how like practice isn't the only contributing factor to being skilled, but talent without practice is useless too, soo...
It sounds like you may hold the misconception. Only ~12% of millionaires inherited their wealth. The remainder are "self-made", in that they lived below their means, and saved.
No I'm not saying most millionaires inherit their wealth. I'm saying that penny pinching isn't how you create it. Most people create wealth via entrepreneurship.
The amount you can create via saving is minuscule compared to starting a business, investment banking, being a lawyer etc. Work creates wealth.
Side note, many of the people I know who are wealthy enjoy spending it which is the antithesis of penny pinching.
2. Live beneath your means (aka save part of your income)
I get "penny pinching" can mean being cheap or something. But ultimately, saving is what makes you wealthy. And it's a much more accessible and in your control than winning the lottery of life by starting a successful business, or being some hotshot lawyer.
Side note: Warren Buffet enjoys not spending his wealth, which is exactly penny pinching ;-)
Live beneath your means (aka save part of your income)
This is where your premise breaks down. There are millions of people who do this who are not “wealthy”. They’re just “retired”. Acquiring real wealth requiring vastly more then your means to the point where the ratio of income to expenses doesn’t really mean much.
Even if you consider Buffet a penny pincher that’s not how he created his wealth.
I guess it depends on your value of wealth. I'd pin it somewhere around the "never needing to work again" level. Sounds like your definition is quite a bit higher.
Funny enough, though, Buffet got started working a pretty regular job, saving over a million in inflation adjusted dollars before starting his business.
There's a difference between spending below one's means and penny-pinching. Penny-pinching is refusing to tip the waiter, it just makes you an asshole.
That's a myth. Most people are rich because their parents were. Most of the rest is rich because they were/are lawyers or medical doctors. (For the super-rich, business and finance becomes more important. But for your average "middle-class rich", lawyers and doctors just dwarf their numbers. Business also has highly unequal outcomes).
As to why this myth persists, I guess it goes well with American puritanical roots. Many possibly don't belief in a strict correlation, if not causality, of everyone's financial situation and their individual moral character, but still promote the idea. See also: prosperity gospel, Ayn Rand.
It says that most people are rich because their parents are rich. Not because they inherited their wealth. Stable home life, good schools, good network, good attitude and a financial backstop in the event of disaster (which allows a higher risk appetite) are all things that correlate positively with becoming rich. Your parents can give these without a penny of inherited wealth.
> It says that most people are rich because their parents are rich. Not because they inherited their wealth.
Fair enough. It's an astute observation, but it's misleading to say the first sentence, yet not imply the second, since most people aren't going to read into it that deeply. You'd just say: "Most people who are wealthy are so due to their stable home life, good schools, good network, good attitude and a financial backstop in the event of disaster". Why would you lead with parent wealth? It pre-supposes inheritance without additional context.
I guess it depends on the definition of "rich". "Stable home life, good schools, good network, good attitude" usually attributed to somebody being in the "middle class" and is not necessarily considered "rich".
Nobody ever got anywhere without at least some luck involved. I think people deserve credit for any wealthy growth above and beyond what you'd expect for the asset they started with.
“Being rich because your parents are rich” can happen by a lot more ways than inheritance. In addition to gifts at death, there are gifts throughout the parents’ lives, equity gifts (you can buy one of the family houses for cheap or live in it for free), fully paid Ivy League education, prep schools, the parents can finance a startup, provide low interest loans, etc. I wouldn’t consider any of these as “self made” but they are not inheritance.
A top university education isn't essential to becoming wealthy. Saving habits likely have more influence. You can go to Harvard, and then secure a well-paying job, but if you're going to spend your income on a penthouse in Manhattan, you're not going to be saving anything. Is it a leg up? Sure. I hate to use anecdotal evidence, but I went to a virtually no-name CS school, and ended up in the top ~5% of the income distribution 4 years after graduating.
Having a high income doesn't make you rich if you just spend it all... By definition, being rich requires spending much less than you make, unless you inherited it. Whether that counts as "penny pinching" is a different matter, but the ability to live within your means is certainly accessible to most people if they're willing to delay gratification.
From what I've observed, the very rich don't generally "watch" much at all. For example, Gates, Buffet, and Musk are all widely reported to read voraciously. Its almost impossible to have a big TV watching habit and also a big book habit. As for the rest of your verbs, I'd expect the spread to so wide as to be unusable in forming a singular data point. While certainly having access to institutions I could never approach, even billionaires have been known to eat McD's, and I'm sure that Bezos has eaten at Whole Foods. They're just people, after all.
Rich people have access to plenty of services and price structures that rip them off. There is a whole industry comprising of essentially leaching off rich people.
If you're rich, you're an marked target for every Tom, Dick and Harry out there looking for a quasi-free ride (not even counting the outright criminals).
Keep in mind that Fitzgerald is quite likely simultaneously criticizing both the aristocracy with their snobbery and the advantages they are born into while also very sardonically ridiculing the idea that taking such an obviously simplistic view of the situation could ever actually be a valid view.
Note that the difference in wealth applies over time. A middle class Irish person today would seem fabulously wealthy to an Irish peasant of the mid-1800s. (Estimated by some to be on average about half as wealthy as a contemporaneous American slave.)
I'm wandering what services and price structures you are referring to. Examples? While there are vast differences between what's available to low income vs., say, upper middle-class people, the differences on the other side of the distribution curve are not that dramatic.
For example, wire transfers in the US are fixed price regardless of the amount, ACH transfers are practically free, mortgage rates cannot go lower than treasury notes, etc. Or maybe I am misinterpreting who you consider as "normal people".
Naval gazing about what a subset of a subset of people are like, while most of us on HN are mostly still in the global 1% (through nothing more than a birth lottery) doesn't really help anyone and is downright unproductive.
> If you look at BCH and BSV you will see the coins also moved - this looks like someone moved to do a split of forks. The good news (if that is the case) is that this likely will mean sale of BCH and BSV, not BTC!
If that's the case, it implies that someone is looking to liquidate the value of their BCH/BSV they got for free in the forks, and need to move the BTC too since otherwise the transaction would be valid in all 3 chains.
There are other ways to split the coins. The simplest one would probably be to send a small amount of BCH to the address (which only exists on that chain), wait for it to confirm, and then move all the coins including the BCH making the transaction only valid on that chain. You can then do the same on the BSV chain, leaving the BTC chain untouched.
The forks are only changes in the rules, the keys and the addresses are the same. So if you've got money that hasn't moved since the fork, then any transaction to that money is valid in all forks. Only if different forks accept different transactions to the same account does this stop working.
I haven't looked into how people avoid this, I suppose you could bully people by listening on the fastest chain for transactions and then rebroadcasting those to slower chains, in theory you have some chance of messing up their shit.
The final transaction is a total of 13611 bytes in size while the test one is 1220 bytes. There is a fee per byte in the Bitcoin UTXO model. An unspent transaction output (UTXO) contains information about who can spend the bitcoin so there is a fee attached to every byte of information in a UTXO because miners spend computing power processing every byte. The final transaction contained 15 UXTOs which made it a lot larger in size than the test one which only contained 4 UTXOs. The final transaction had a fee of 480 satoshis per byte and the test one had a fee of 435 satoshis per byte.
13611 * 480 = 6533280 sats which is 0.06533280 BTC which is ~$675 USD
1220 * 435 = 530700 sats which is 0.00530700 BTC which is ~$55 USD
if you're wondering why the fee per byte is not the same for both transactions, it's probably because the recommended fee fluctuates depending on network congestion throughout the day. If you're wondering why the transaction fee per byte is higher than average, well it's probably because the sender is a billionaire who doesn't really care and just wants their transaction processed quickly.
Well yes obviously it doesn't matter but that fee is way higher than average for a fast transaction meaning they're ok with spending a lot more than the average sender.
You could, but you'd also have to modify the checksum built into the bitcoin addresses in order for most (all?) bitcoin clients to broadcast the transaction.[1][2]
I've done this for~$500 in ETH, but I received that as payment for code written months ago that never passed review, so I wasn't expecting it anyway. Still a bit of an emotional roller-coaster to receive free money, then inadvertently throw it away within a few minutes.
Yeah. It seems silly to perform this transaction all at once. The size of this transaction magnifies the consequences of any sort of error and attracts what I'm guessing is very unwanted attention.
If you’re a whale and want to someday liquidate this, ideally at higher value, you want the world to see big things like this. It will remind people that bitcoin network is still very much alive despite the repeated death sentences made by supposed financial experts.
Well, on the other hand you can also look at this and think, I better not put any money into bitcoin, cause there are individuals out there that could single-handedly destroy the price by cashing out. And you might say, it is in their interest not to do that, but I think it is in their interest to be the the first one to do that.
Nah, the smarter plan is to keep the dream of bitcoin alive while you trade your bitcoin for other assets; this is how companies buy other companies with stock-only purchases.
Correct me if I'm wrong, but afaik there is no "eventual" invalidation in bitcoin: either the destination address fails the checksum (so nodes immediately reject the transaction), or you send the funds to an (unused) address where they'll sit forever.
You are mostly correct. Except only your Bitcoin client sees the checksum/address, the raw transaction has just the pubkey hash encoded in the address. So there is no checksum for other nodes to check. If you accidentally crafted a transaction with the wrong hash in the scriptPubKey, the network would happily accept it.
If the transaction doesn’t end up in the canonical version of the blockchain (ie the nlockchain still says its unspent), then surely you can transfer it again, no?
Of course if the blockchain does say it was transferred to a nonexistant address then its gone forever. I guess if it passes checksum, this is the likely scenario?
A tx will go from your client (which should reject an invalid tx to start with) to a node (which will verify and reject an invalid tx) to many other nodes (which will all verify and reject an invalid tx) to the node that's publishing the next block (which will verify and reject an invalid tx). I guess a broken client could think a tx is valid when it's not and not let you re-spend it, but it'll be rejected pretty much immediately after that.
Technically there is no such thing as a nonexistent address. There are used and unused addresses -- an unused address is just an address with no history, but there's no way to tell if anyone has the private keys for it or not. I guess it's possible accidentally typo an address that somehow passes checksum (let's pretend that people actually type in addresses... nobody does that, copy/paste or QR code) but it's very very unlikely.
Yeah this also took me a while. I thought someone found a vulnerability in Bitcoin that, instead of burning coins, actually is a valid transfer but somehow without revealing wallet addresses.
Is it a billion dollars, though? I mean, if you started selling them, the market price would likely go down. In other words, are there enough people looking to buy 94504 BTC at current market value?
Sure, but the flip side is that if you had a billion dollars you couldn't acquire this many BTC because the price would move against you the other direction.
> Is it a billion dollars, though? I mean, if you started selling them, the market price would likely go down
It's actually a good question. Very few actors in the Bitcoin space actually know what the "global order book" looks like and how much liquidity there actually is in that market.
"What happened to the private keys" is only an interesting question if we know something happened to them at all.
For all anyone knows, Satoshi is a government biding its time, aliens, a hacker with a messy apartment, dead and their inheritors don't know what they have, already independently wealthy and doesn't care about their wallet, did it all for the lulz and doesn't care about the wallet. It's apparently not, but if this were Satoshi then I find these questions far more interesting: Who is Satoshi? Why was their identity hidden? Why emerge now?
Satoshi was probably Hal Finney, who passed away in 2014. The most likely explanation of what happened to the keys is that they weren’t properly safe guarded early in development because no one thought that one day bitcoins would be worth $20,000 a piece. When Finney died their total value was “only” around $45 million.
If Satoshi is Hal Finney, and dead, then "what happened to the keys" isn't an interesting question. If this were Satoshi reemerging, then "what happened to the keys" isn't relevant, because they're clearly fine.
Quite the opposite. If Satoshi is still alive that entity is worth around $10 billion. Incentives are a powerful thing and the fact that Satoshi hasn’t made a transaction in years is strong evidence those keys are lost.
My blockchain might be a little rusty, but is it possible to tell the order in which a coin was mined (vs the total) from the information in the chain?
If so, should be possible to find satoshi coins relatively easily, no?
Bitcoin doesn’t really work like that, a “coin” is just a value tied to an address, so individual coins are never transferred. What you can do is see all the incoming transactions to an address to identify which addresses received the earliest mined coins.
My main problem with Bitcoin, etc. is: it is just too complicated.
I mean, I did study CS and do have some knowledge about math and cryptography and I followed Bitcoin from the beginning with curiosity - and I still only have a vague understanding of it all. Now sure, I could invest some days and really study it and things would probably look different. But if it is hard for me, how hard is it for the common person?!
I believe the base of a new money-system should be simple, for (allmost) everyone to understand. Because yes, the current mainstream fiat money banking system ... is not simple at all, either.
But if it is so complicated, only some people can understand it, than there is way too much room for fraud ...
Tangentially related - a couple of the guys who did the "Mic Dicta" podcast (an interesting and funny legal podcast, sadly now defunct) just recently started another podcast called "ALAB" and put up a brilliant episode going over Craig Wright's recent Bitcoin travails in court: https://soundcloud.com/alabpodcast/episode-3-faketoshi-the-p...
Sharing as a comment here since it maybe doesn't make sense as a submission on its own, and since there's likely a number of people in the comments of this story who would enjoy it
wow. So if someone has looked, could you summarize the history of the sending address? (When did it have transactions, etc.)
Also, if someone wanted to turn this into fiat currency over a short but not instant period of time (such as 1 month for example), could they get close to 1,018,147,922 USD or even over 30 days would that diminish the price too much?
(I am thinking for example if an institutional investor early on bought 94,504 bitcoins and "just realized" they have it or something, but only really cared about dollars or their fund is over and they have to pay out the cash or whatever. For whatever reason, if they want cash now.)
I am not an expert and this is a very rough estimate, but this data[0] shows 7-day rolling USD trading volume on major exchanges. It's pretty volatile but fluctuates from $300m to $110m daily.
I would guess that this is liquid enough to be able to pull out $1b+ over 30 days, perhaps drawing some attention. This is also only for USD. Would love to hear an expert's thoughts as well.
3 months ago, BTC price was ~8k USD/BTC, and now sits at ~10.5 USD/BTC... So is it really sitting without earning interest? What other investment gives you ~180% interest rate year over year[0]? I wouldn't exactly calling this "$1 billion sitting without earning interest".
[0] I know I'm oversimplifying here, there have been ups and downs in price, etc
Bitcoin is essentially deflationary. If Bitcoin maintains its utilitarian value, it will only grow in monitary value since less and less coins will be minted until no coins are minted, and also as people lose access to their keys.
I speculate that in the future, Bitcoin might become valued so highly, that people don't even bother using it in favor of other coins, and as people don't use it, no one then accepts it, then it loses value, and by then people are accustomed to using other coins, and Bitcoin dies. Who knows, I probably won't live long enough to see it.
No matter how unpopular it becomes, it'll just be lowered in value, eg, deflated, but still usable. It will never fail unless the cryptography underlying it (or a bug in the design) causes it to fail.
> I speculate that in the future, Bitcoin might become valued so highly, that people don't even bother using it in favor of other coins, and as people don't use it, no one then accepts it, then it loses value
This is similar to Gold with the difference that it still holds value, it is so expensive that usual shops don't accept it though but still has high value, am I missing something?
Bitcoin is deflationary relative to USD, so it benefits from inflation without additional issuance. Assuming the demand and(immeasurable) real value of Bitcoin holds constant, we should expect its price to increase at pace with inflation.
Bitcoin is inflationary, as there is new money created every 10 minutes or so. Wether it increases or decreases in value relative to the USD is subject to speculation regarding the expectations of the "demand" of bitcoins, which are certainly not stable. USD on the other hand is much more stable regarding inflation or deflation.
There are what, about ~2,000 billionaires in the world? Of those, I don't believe any of them would hold a billion in BTC. From what I can tell, it has been ruled out that this is from any of the exchanges. Is this a possible nation-state transaction?
The thing about large sums of bitcoin is that they aren't worth what the conversion rate says they are. Trying to spend 95 thousand bitcoins would shatter the market and send the value of a bitcoin way, way down.
Nice Szabo: "Such confidence in Bitcoin is splendid, but a 94,500 BTC tx tempts fate. If recipient can make that much from reversing the tx, they can afford to run a 51% attack for more than 40 days. Big if & very visible, but security here depends more on trust & less on the protocol itself."
https://twitter.com/NickSzabo4/status/1169848736819773440
Is there a scenario where systematically concentrating outstanding BTC into a few massive piles can be used to destabilize the whole BTC infrastructure?
Well now that I have a place to ask this question...
Could someone explain to me about 51% attacks and if bitcoin is vulnerable to one?
Hypothetically, a government decides to put forward enough resources to perform a 51% attack on bitcoin. Is that possible? If not, why? And is this something to actually worry about, or could something be done to combat it?
I wrote a chapter on how cryptocurrencies work and what a 51% is in a hopefully approachable manner[0].
Basically the security assumption in Bitcoin is that at least 50% of miners are honest and work for a profit. A 51% attacker can recreate the latest blocks and remove all transactions from them, effectively the ability to reverse payments.
Hypothetically the government can gain 51% hashrate. For example China could take control of all miners there (currently more than 50%) and use them to attack the chain.
This type of attack can be detected. An extreme type of defense is to change the proof-of-work algorithm, making all existing miners worthless. This has been done several times in Monero for example.
In a degenerate case with enough power a single entity could mine several blocks faster than the main chain can mine one. In that environment they would be able to reverse any given transaction essentially by making a transaction waiting for that to get several confirmations (blocks created after that transaction is included) and waiting for whatever real world purchase went through then releasing the other blocks they had mined without that transaction included. The client is programmed to chose the longest chain available so the old public chain is abandoned in favor of the attackers new chain which doesn't include the initial spend. Now according to the blockchain Alice never sent Bob the BTC so the money is back in Alice's address and Bob is out whatever real world or off chain changes were made.
There's two ways to do this either tactically to reverse your own transactions or randomly to essentially screw over everyone and sow FUD in the reliability of BTC transactions.
One good note is as far as I know the Lightning network shouldn't really be vulnerable to this (except maybe for channel opening?) because either party can submit the most recent transaction and have it reflect on the BTC chain.
When you control 51% of the nodes you can make them agree to anything and takeover the network. Yes, BTC is vulnerable. A few years ago China has >50% of the nodes for a bit, making people nervous.
The problem there is that then people lose faith in the network, and don't honor transactions, and it collapses in value.
No you can't. You have the power to prevent or revert transactions, and that's it. You cannot print unlimited money for yourself or steal coins from an address you don't control.
I've seen this "lose faith" brought up a few times. What I don't understand, is since this vulnerability still exists, why haven't people lost faith already?
the working assumption is that an attack like this is really hard to pull off (financial and technical barriers). Also, the older the blocks in the chain, the harder it is (the more new blocks you have to compute and propagate).
In my opinion, there is nothing wrong with the fact that people want to secure their funds and make certain transactions by transferring money from one wallet to another.
Probably not. If that guy could show he really had the bitcoin (dubious in itself) and was handing it over as part of a court settlement, that would be news.
Interesting. There are 17~18 million BTC in existence[1], so this makes up for about half of a percent of total BTC.
(of course a lot of those BTC are lost forever due to forgotten keys, hard drive crashes, thrown out hard drives, etc, so who knows what the actual amount of accessible BTC is).
A few hours ago several #xcoin txs were made consolidating 94.505 #BTC in now the 5th largest address 37XuVSEpWW4trkfmvWzegTHQt7BdktSKUs, they have been accumulated since 2016
Is associated with
@BAKKT
due to its launch today (deposits and withdrawals) 🧐
Probably related to Bakkt. The interesting thing here is how inexpensive was the transaction fee. How does banks transfer this kind of sum and how much would it cost?
It would be free with a bank. If you have that much money with the bank, they will bend over backwards for you. For example with E*Trade I think any wire is free if you have 1 million with them.
Why not? Are you implying that it would technically break some sort of system or something like that? If I legally own a billion dollars in a Swiss bank, and I want to move it to a Cayman Islands bank, there is certainly a room full of well-paid men in fancy suits that will gladly accommodate that.
Or, perhaps more similar to the topic, if I wanted to move a billion dollars from one UBS account to a new UBS account, I certainly could. Some special guy would probably have to turn the key for me, but if I have a billion dollars in a UBS account I surely know that man by name. And also, I would have the benefit of doing it privately, unlike with Bitcoin.
I've seen a EUR 1B+ transfer (a transfer from the central gov't tax office to a major municipality with "their share" of income tax constituting a major part of their budget) being executed in the backend, it was really nothing special execution-wise. After all it's all just numbers in a ledger about who owes whom what - just this number was slightly longer than usual.
It would require an extra pair of eyes compared to a 1M payment (which are very common), but that's not a significant difference in process, just one more employee would have it in their queue for approval and it wouldn't even increase the time as it'd jump to the front of the queue of payments that need some oversight. It could involve some extra notification as $1B leaving or arriving is meaningful enough to impact your liquidity and reserve requirements and thus your trading desk might need to borrow/lend some cash.
I'd assume that a major bank might have $1B+ payments quite often - I mean, the T-bond market alone is $500B daily and probably some of the individual trades are larger than $1B; then every delivery of a $1B+ industrial project is probably accompanied by a similar bulk payment and the projects across all the industries add up.
It would be free if done through a bank and you could actually get a lot of free steaks out of it. Once you have a little bit of money banks start treating you well, when you have a lot of bit of money they treat you really well.
I had a casual acquaintance who had a few hundred million dollars managed by a large US bank.
His son--who only had single-digit millions--wanted to buy a house, so the dad talked to the bank and they arranged a zero-interest mortgage for him. They were happy to pass on what they might have earned from the mortgage interest (a few hundred thousand dollars, I'd guess) to make this guy a happy client.
Are you sure it was a real mortgage? Many of these stupidly-rich-person ‘mortgages’ are actually loans against collateral (and can go interestingly wrong if the value of the collateral drops rapidly).
They used to pass physical currency around. The US mint produced high denomination notes — up to $100,000 — for this purpose (no they weren’t because of inflation, like in Weimar Germany or Zimbabwe)
All currencies do. In exchange markets currencies are often measured in reference to each other, just pop open Bloomberg's currency page: https://www.bloomberg.com/markets/currencies
I am not a proponent of crypto currency by any stretch, but I disagree with this. The fact that BTC has dollar value simply indicates that BTC can't be spent everywhere the dollar can. IMO the real failure of BTC is runaway deflation, which leads to it being an "investment" relative to fiat currencies.
Today it's pretty much just for launderers, criminals, gamblers, and people who don't know how it works/people looking to take advantage of people who don't know how it works.
By “unknown”, does that mean that none of the source addresses that collectively sent the sum to one address did not have previous transactions from sources that were known? I rather doubt it, unless the sources were mining wallets (which would show up as coin bases).
You don't have to be happy about being unable to do like a single click. I agree the headline was confusingly written but happily stating that you're not going to put any effort in whatsoever... I think that's why you are/were being downvoted, not for the question.
I read the article. I also looked at the transaction. But the transaction was made up of maybe two dozen input addresses, and I didn't feel like walking backwards through each of those on my phone.
My question was, has nobody walked them all back to a known address? I find it hard to believe that one of those inputs wasn't downstream of some transactions from a known address.
It's not necessary for me to explain this here, and you were being helpful to me; I'm just clarifying what my intent was with that apparently misleading? statement was.
Watching things like this, I think bitcoin could eventually replace the government-backed currency.
Everyone can watch them move. If you spend 1$ from that wallet to buy even a mars bar, your identity will be known to others. How CLEAN and clear is that?
Only if people own their wallets and transactions happen on-chain. We're far from that point, both for technical and social reasons. I like having my money in a bank and using my Visa card because I feel safe doing it. If I lose my card or get a bogus transaction? Just use your insurance. Beyond that, if you want additional services not provided by a blockchain such as getting a loan, I'm sure banks will ask you to put your money into one of their accounts so that they can do... banking. I love it when a cryptocurrency enthusiasts replies to "bitcoin is useless in the real world" with "well actually my Coinbase-issued off-chain-settled Visa card works really well thank you". Congrats, you've got yourself a bank.
If your wallet is actually owned by a bank then chances are your actual purchases will be obfuscated. Banks will only settle transactions with other trusted establishments "in bulk" to speed things up and reduce fees.
Don't drink the overenthusiastic cryptofanatic kool-aid, banks are going nowhere. Those who say that cryptocurrencies can replace them either don't understand banks or they don't understand cryptocurrency. Probably both.
Theoretically crypto will never replace government backed currency if the world economy and politics is stable.
Look at Turkey. Venezuela. Argentina. China. North Korea. People are already not trusting government backed currency. I don’t mean to over generalize. I just want to say it’s not just a dream. It’s possible.
Crypto is only working in places like Venezuela because other states ARE stable (America). If the whole worlds situation goes to shit then it's just as worthless as fiat.
But on the other hand it goes against every rule about privacy, why do people know how much I have, or what I buy, the only privacy this give is privacy by obfuscation.
yeah. you obviously don’t get how bitcoin wallets work. you can have more that one address associated with the wallet and you can spend out of multiple addresses. there are also ways to anonymize the addresses (not to mention that you can create as many addresses as you want to begin with).
The rich and powerful wouldn't be affected by this. Having this kind of transparency would be annoying and inconsequential for most people, and then it would be border line dangerous for many groups (the poor, those in abusive relationships, etc). No thanks.
In a way. Washing it is pretty easy though. Send $50 into whatever exchange-du-jour is popular, then withdraw it back out into a clean wallet. Now you can buy all the Mars bars you want.
You understand that many transactions among influential people are not denominated in dollars, right?
Power is money is truer than money is power.
If anything, it seems to me like dollars are used in two ways. One, to 'make change', to balance out a transaction. Two, as a salve to ease stress about expectations of quid pro quo. Or maybe that's just two ways to say the same thing.
Money balances the books of a somewhat cynical gift economy.
https://blockstream.info/tx/4410c8d14ff9f87ceeed1d65cb58e7c7...
There are numerous inputs and a single pay-to-script-hash (P2SH) output.
The relatively high fee is due in part to the large number of inputs. ~400 satoshis/byte is high by today's standard but not too unreasonable as early as 2017.
We can't tell anything about the identity of the owner(s) of the new coin from the block chain alone.
Making a transaction this large is a security risk. It effectively establishes a billion dollar bounty for any party who can rewrite enough blocks to erase it. Now that the value resides in a single coin, any subsequent transaction faces the same risk. Plunking this much value into a single coin seems like an odd strategy at best. Not to mention the destruction of privacy in combining all those inputs into a single transaction with a single output.
I can think of one reason you might want to do this. A consortium/trust has formed in which individuals pay into a common pool of money. That money is then protected with a multi signature script (consistent with the P2SH type). Given a threshold of signatures, the money can be spent, subject to other constraints. These will remain unknown until the first payment is made. At that point we'll know the number and identity of all the eligible keys and the threshold needed to make payment.
If so, this transaction can be thought of as a kind of digital charter for the consortium in that it defines how the money can be spent going forward.
Edit: to be clear, the "bounty" I'm talking about can't be directly claimed just by mining some blocks. Instead, it would have to be claimed as part of a double spend of either the transaction in question or as subsequent transaction of the now-enormous output. Most likely, there would be collusion of some kind between a miner and the owner of the keys. I'm not saying this will happen, but the bigger the transaction, the greater the risk.