I've actually thought about putting some play money in Bitcoin, but these stories prevent me from doing so.
This guy is (apparently?) unhappy, and he's knowledgable enough about bitcoin to know to inspect forks and vins and OKPAY transactions -- and then to make two double (?) spend transactions.
If this guy is getting screwed, I'd surely manage to lose twice my investment somehow.
This guy wasn't the one screwed, OKPay (a payment processor) was; he took advantage of a several-hour window during the blockchain fork that happened a few days ago, to send them coins, wait until they gave him money for those coins, then take the coins back. This sort of thing is a risk for those operating exchanges and payment processors, not for end users. He returned the coins later - he had to, since he used an account linked to his real name - but a more-anonymous version of the same scenario is theoretically possible.
(On the other hand, there have been a few high-profile instances of end-users getting their coins stolen - usually by keeping them in an unencrypted wallet on a computer that gets a virus, but also in more exotic ways, like depositing them in an "online wallet service" run anonymously and registered to the Cayman islands.)
"This sort of thing is a risk for those operating exchanges and payment processors, not for end users."
How so?
Any double-spend is a risk for anyone receiving BTC, surely? You sell something on an ebay equivalent, someone sends you BTC, you send the goods but later find out there was a fork and double-spend situation, what happens?
It is - but how long do people wait before sending goods on ebay? If you're sending them a couple of hours later you check to make sure it's ok before you send. Ebay is a case where bitcoin works well because you can afford to wait before sending the goods. Realtime processing is where bitcoin really isn't safe.
Is there a mechanism that alerts of these forks in the blockchain? In this case it seems that something as simple as a single machine watching a 0.7 miner and 0.8 miner would have been enough to alert everyone of the issue before it went as far as it did.
Well if that's the case then they won't be excepting bitcoin. There's just no getting around that.
That's why I'm saying there should be some overview mechanism to alert of these blockchain partitions. In general you can be sure the transaction is safe fairly quickly. If the network is obviously partitioned (as it was in this - so much so it was basically manually fixed) you'd be a fool to accept transactions until it's back to normal.
The problem in this case is that someone handed over $1000 in cash while the network was partitioned without sense checking it. The bigger issue is that there doesn't seem to be a mechanism in place to help them do the checking. Really there should have been big red "bitcoin is not safe to use right now" flags going up.
Personally I think that the place bitcoin could really win would be something like micro donations for content (instead of paywalls / ads). Read an article you like, click a button at the bottom to send over a small amount of money. That feels like the sort of use case it's really well suited for. Payments that can take a while / fail in very exceptional circumstances.
If someone did a big enough version of the attack on one of the smaller exchanges or payment providers there'd be plenty of end users hurting, trust me - with a big enough attack they're not going to be able to swallow the losses or pay back customer funds, and there's no FDIC insurance for Bitcoin deposits.
He is not getting screwed, this guy is the one who made the double spend, he basically spent $10k and then when he realised the problem and tried to spend the $10k again, he did so successfully. He then made a post about it and informed the company (OKPAY) so that the problem could be resolved.
Essentially a whitehat response to the problem. The reason you wont get screwed in this way when you sue bitcoin is because of people like him that operate int he community.
I think it's basically true that unless you're selling contraband or digital goods, it's unlikely that you'll get screwed, because like any other transaction you must necessarily collect a shipping address and other personally identifiable information in order to complete the transaction.
While disposable shipping addresses (like other bogus contact details) are not unobtainable, it's usually risky because the address does tend to belong to someone, and I think it's true as well that most people are not scammers.
even selling contraband you are probably covered as long as you do not ship within the first hour or two of the order being placed. Within that time frame confirmations would have occurred or a problem identified. Even digital delivery goods that await confirmatins are fine, it really affects digital good sellers who send on 1st confirmation or do not require confirmations, bitcoins have a confirmation system for the protection of users, if you dont use that protection then you have only yourself to blame.
I'll admit it's unlikely that a single user / group is going to 51% the network (and in that case we're all hosed anyway), but you know that in that case, they could perpetuate a fork for a very long time in the darkness, and break it out later when they are ready to "unleash the fraud" on everyone, after the merchandise is received and they have permanently left the scene of the crime.
I am not an expert on Bitcoin but I think this kind of attack is possible. In that case as long as you spend your bad blocks before they can be invalidated by a longer chain, it becomes someone else's problem. If someone who knows more than me can enlighten us to why this attack would not work, I hope there is another reason than "it's unlikely that anyone would be able to 51% mighty Bitcoin now."
It's a matter of cost, not a possible vs impossible thing.
I think at 30TH/s, you'd need 500 new ASIC miners, and $500/day in power, to hit 50%. But that's just arbitrary - 2% would allow some attacks, 99% would allow more profitable ones.
At 50% of the network you'd theoretically solve 50% of the blocks, gaining 25BTC every 20m, or 72 times per day, for a "street value" of $80,000. During the day maybe $8M USD in BTC is traded.
You're talking about spending your money twice. Writing a transaction sending the BTC to someone and letting them record the transaction (transfer it to "the network") while trying to generate the next block containing which contains a matching transaction from that wallet to another wallet you control. If you fall behind you simply pretend you never tried and lose nothing by trying, except the costs of the transaction. If you win you can reveal your 1-unit chain to gain $1100 (your rightful reward for mining) or you can hide it to wait for a double-spend opportunity and try to lengthen your chain.
Meanwhile the merchant takes your transaction and sends it to the network and waits. If they're trusting they send you your merchandise now, but usually they wait for one or more blocks to be published to verify the transaction. Let's say that you can see the instant they do and their action is irrevocable. This is the best state for you. You then "simply" need to win more blocks than the rest of the network for however long until you see the transaction be finalized and reveal your chain with your blocking transaction at the head, causing the transfer to the merchant to be ignored by the rest of the network after renegotiation.
This simple plan won't work well though because when the network resyncs it's obvious which transactions are double-spent and your BTC will be known and people can refuse to deal with wallets that receive stolen coins - turning it into a painful single-spend, and loss of your mining earnings. So you need to actually coordinate a double-spend, getting something else irrevocably sent from another merchant with the same BTC. This is where it gets hard because each merchant is watching the same global pool for their confirmation and would see you spending the same BTC in another transaction.
Double-spends can only really happen when merchants are on separate blockchains already, as with the recent bug.
You're looking for something that can be converted into directly and efficiently back into BTC because if you don't manage your double-spend you're going to own this thing - this is like the house's cut. And something commodity and untraceable so you can unload it when hot. The best-case would be if someone was sending gold-bars via anonymous remailers - you'd only lose shipping costs.
A seller selling one-of-a-kind yachts which they special deliver to customers has nothing to worry about. In the months it takes to build and deliver a yacht the theoretical 51% enemy has earned enough for many yachts and doesn't need to double-spend. But a gold-bar dealer - they're justifiably worried. Luckily real-time gold shipments aren't a big deal. They can wait a day.
And when you double-spend you'd essentially lose your BTC from mining as the accounts they were paid to for the day would be blacklisted. So unless you bought more gold than your expected daily take in BTC you'd have been better off mining.
And remember that you're buying a bar of gold for every block you win and trying to get ahead enough at any point to manage to not pay so you've got to have a big bankroll and keep from going bust from transactional and infrastructure costs until you sell those incoming bars you ended up having to pay for (ie, all but the last one).
All this while competing with index funds and other far safer bets....
If you're dealing with an extremely technical adversary who you feel would spend $1M + $100K/day to mess with you, worry and plan appropriately to mitigate risk. General merchants are relatively safe though.
Technical problems resulting in people losing money happen all the time outside of the Bitcoin economy. In fact, the way these recent events were handled by Bitcoin developers and the community are way more encouraging than, say, actions taken by Visa after someone supposedly stolen a million credit card numbers.
So, philosophically speaking, Bitcoin encourages people to start thinking about being more responsible about their money safety (which they anyway have to do, regardless of what they use, Bitcoin or a bank), at the same time providing a much better way to perform transactions and save for the future.
Sure technical problems happen all the time. But there are tens/hundreds of thousands of engineers/testers across the world who get paid very well to fix them. Bitcoin doesn't have that sort of infrastructure. And if you are responsible about money safety then putting your money into Bitcoin is pretty stupid. Banks around the world insure credit card losses for any fraudulent transactions.
Actually, one of the reasons I'm so bullish about Bitcoin in the long run is the experience and maturity of most members of the main dev team. Yes, it's only about 6 core devs now, but that will grow as bitcoins market cap increases (presumably). The recent block chain split (a Bitcoin emergency if there ever was one) was handled so quickly and decisively by the core devs that the price remained relatively stable. That's pretty amazing.
I was impressed by how small the price change was as a result of this blockchain split - it gives me a lot more confidence in the future of Bitcoin. Mt. Gox saw a selloff and price drop of about 20%, which was mostly stabilized in a day, and about back to the starting price in 2. All of the other exchanges look about the same or less severe.
Your logic is slightly wrong. When a project is opensourced and popular, odds are you actually have more engineers looking at it and fixing things, than when you have isolated teams working on software for each individual bank. And that's not even talking about testers.
Then you also are paying much higher fees for what is supposed to be more safety. These fees come in various forms: government taxes, inflation, transaction fees.
Insurance in any form is never a good deal, actuarially -- the house always wins. What insurance is, is a way to trade a non-zero risk of ruin (someone steals all your bitcoin and you are broke) for a zero risk of ruin and a guaranteed risk of a small loss (someone steals your credit card number and you are not liable, but you pay 2% of every transaction).
Most people will take this trade all day, every day -- and they are not wrong to do so. It's a valid decision to pay for predictability.
There's nothing out there that prevents companies to create Bitcoin services to store and insure your savings for you. I believe they will inevitably emerge as the Bitcoin economy grows.
There's every reason to believe the infrastructure will grow as needed. Where there's money, there's people solving problems to make sure it keeps flowing.
Sadly, I have to agree with you. I have a fair amount of money in bitcoin right now, but if I didn't understand the ins and outs of the protocol and like debugging, I can think of a few incidents which would have caused me to lose money (or at least think I lost money), and that would have frustrated me enough to pull out entirely.
On the other hand, there are centralized services that manage these details for you, but then you arguably start to lose some of the benefit and appeal of bitcoin (beyond just an investment).
It looks like this possibility was known and broadcasted to merchants during the maintenance window two days ago. It's kind of like the Rails mass assignment or security bug: merchants are just going to have to stay on top of Bitcoin issues.
[Submitted March 12]
It's DanielTaylor again and I wanted to create a simple yet
intuitive post to explain the folks out there what happened
a couple of hours ago. This might also be useful for
bloggers or journalists who might be going to write about
it in the following hours.
TL;DR
The programs that read the blockchain, the bitcoin ledger,
disagree.
Due to a bug in 0.7, it says that HIS is the correct
version of this ledger and 0.8 says that HIS is the correct
version.
Miners (the people who add pages to the blockchain) are
told to switch to the 0.7 program so that this version
gains more support and the other one is discarded.
(orphaned).
Regular users are not affected. Their transactions are
included in both ledgers and don't need to change any
programs.
During that time, though, there is a slight chance of a
double-spend ocurring. That is why people recommended
merchants and exchanges to wait until there is one single
blockchain again before processing purchases and
merchandise.
...
What's a double-spend?
This is the reason why some merchants and exchanges stopped
processing incoming bitcoins for a couple of hours.
The bitcoin network prevents people from spending the same
coins by mantaining this unique ledger, the blockchain. But
now that there were two of them, it was theoretically
possible to broadcast two different transactions with the
same coins and still get some confirmations.
With some luck, someone could sneakily sneakily* buy a
television to a merchant who was reading the 0.8 ledger and
have the transaction confirmed. At the same time he could
have sent the same coins back to himself and, with some
luck, have the transaction confirmed on the 0.7 ledger.
What happens is that, in the end when 0.7 wins, the thief
will have the television and his bitcoins. Remember that
there were two different versions of the same coins!
This is not something easy to do and requires a lot of luck
because the blocks mined (the pages added to the ledger)
must be mined precisely in the correct order. But still, in
this situation it was easier to pull off and so it was
recommended for merchants and exchanges to temporarily stop
processing incoming transactions.
Now the situation has resolved and the blockchain keeps
growing happily, page by page, block y block.
Calling what happened the other day a "maintenance window" is about as truthful as describing a fire that burns your house as down as a "redecorating party".
vin = the source of coins that are being spent, plus some auxiliary data. The source consists of a (txid, vout) pair, where vout is an output index. If the client comes across an identical pair as a source in multiple transactions, all but the first will be rejected as invalid.
If you're talking about play money, say $20, why not just try? Or even $5 if you're worried about losing $20? And then try spending it at one of the thousands of businesses listed here: https://bitcointalk.org/index.php?topic=152348.80
I think you'll find that transferring money to a business or person without a bank is a very empowering experience.
It's not as if the bitcoin developers are asking people to throw their money into it. It's still experimental, subject to change and hard forks, and they've said over twitter and the forums many times not to invest what you can't afford to lose.
This guy is (apparently?) unhappy, and he's knowledgable enough about bitcoin to know to inspect forks and vins and OKPAY transactions -- and then to make two double (?) spend transactions.
If this guy is getting screwed, I'd surely manage to lose twice my investment somehow.