171
172

Our solution to bloated blockchain is physical. Welcome multisig paper notes. (imgur.com)

petrsobotka 投稿

全 68 件のコメント
並べ替え:
ベスト
トップ新着論争中古い順Q&A

[–]lacksfish [スコア非表示]  (3子コメント)

Why do I have to use the BitNotes app to redeem my funds? That's a scary extra step.

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

There definitely will be an independent implementation. Our app will be open source. It's because the main QR code is not only a WIF key, it contains other things too (our signature for a particular note, nominal value and also a note pubkey).

[–]598X0T45 [スコア非表示]  (1子コメント)

Because normal smart phone apps probably do not work with multisig uploading of private keys is my guess, you probably could do it on electrum with a laptop

[–]lacksfish [スコア非表示]  (0子コメント)

Why'd I want multisig with a unknown company (BitGo?) when it comes to paper wallets in the first place?

[–]Carlscrazyidearedditor for 1 month [スコア非表示]  (0子コメント)

I think there will be a demand for physical bitcoins. Good work.

[–]petrsobotka[S] 8ポイント9ポイント  (1子コメント)

If anyone is interested, full description in the form of a white paper is here http://www.bitnotes.org/bitnotes.pdf

[–]CryptoAnthony [スコア非表示]  (5子コメント)

This may be a solution is bloated blockchains, but doesn't it allow for inflation? What's stopping the creation of multiple paper notes referencing the same public key?

[–]petrsobotka[S] [スコア非表示]  (4子コメント)

We guarantee each note has a unique private key. Since the second key is generated by you, you will end up with a different multisig address each time. It doesn't allow for inflation, on the contrary it reintroduces fully backed paper currency.

[–]CryptoAnthony [スコア非表示]  (1子コメント)

Is the guarantee based only on your word? I don't see how you or anyone else can't create more of these notes showing the same public key. If these are shared around like dollars, all a user needs to do to verify trust is see the hologram isn't scratched off and the public key shows bitcoins linked to it on a third party blockchain viewer. There really doesn't need to even be a private key under that hologram.

Maybe you have your own trust model on the note to verify BitNotes actually issued the note, which stops others from counterfeiting them, but it doesn't stop BitNotes from counterfeiting their own notes. This idea reintroduces a fully backed paper currency, but one that is backed by a centralized company.

Please explain if I am wrong.

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

It's not backed by us. It's backed by the customers, we only serve as a manufacturer of these notes and a certification authority which guarantees that a particular note is backed. (to reliably distinguish between blank pieces and backed ones).

All security features included in print (holograms, watermark, etc.) serve to verify that BitNotes manufactured a particular note. You need to trust us we produce only one piece of each serial, that there really is a key under the seal, that we issue only well-founded signatures etc. However a breach of these qualities, when found and published, would destroy our business model and at the same time would not get us even a satoshi.

The main advantage over any other physical bitcoins is you don't have to trust us we are not going to steal the backing. Because we simply can't - due to the multisignature nature of the solution. Because all of this we call it trust-reduced physical bitcoins, rather than trustless. Please read the paper for more theory. Thanks!

[–]3e486050b7c75b0a2275redditor for 7 days [スコア非表示]  (1子コメント)

what's stopping someone from creating counterfeits that only have one private key i.e. the one they know? or even 2 private keys that they know?

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

If you mean counterfeits of blank BitNotes sheets then all these security features (holograms, watermarks, special colours etc. ) prevent them to do it. Same as with traditional banknotes.

If you mean a counterfeit of a particular loaded Bitnote, someone could copy one QR code all over many sheets, but our signature wouldn't match the serial. You need a separate signature for each note, else it would't pass the verification and user inspection.

[–]cypher437redditor for 3 months [スコア非表示]  (9子コメント)

Why don't I just print my own with nothing in there but print it so it appears to have $100

[–]petrsobotka[S] [スコア非表示]  (8子コメント)

You can't. We won't give you our signature for such note and without that signature it won't validate. No one will accept such note. The instructions on each note clearly say http://i.imgur.com/FfZPnHD.jpg

[–]cypher437redditor for 3 months [スコア非表示]  (6子コメント)

I could just print off the exact same image you've posted there without the hidden private key. Because its a copy of the sig and message they wont know if I issued it or not unless they scratch it but then its useless. My attack just has to convince them that I issue the notes, it appears valid and they should attempt to use them at a vendor while I run away with their funds.

[–]petrsobotka[S] [スコア非表示]  (5子コメント)

If you are visiting a country for the first time and don't know what does it's currency look like or which security features it should carry, someone could probably try the same attack on you. Just print a simple color copy of a note and give it to you. Yes, your point is valid. You have to be educated about the security print features to be able to verify them or at least check their presence.

[–]Explodicle [スコア非表示]  (0子コメント)

If I'm understanding this right, the cost of faking the identifier on top has to be higher than the value of the note. Otherwise counterfeiters would just make realistic-looking copies which validate fine until the first victim redeems it, which might be a while.

[–]cypher437redditor for 3 months [スコア非表示]  (1子コメント)

Another issue I see here, I deposit x with you and you generate the keys then send me paper print outs that the merchant redeems. Wouldn't it be more efficient if I just had an ID the merchant scanned and then I authorised the transaction on his device with some passcode for the exact amount because you already know the keys and have the funds so a customer trusts you with the funds.

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

The thing is we don't accept deposits neither generate the second key. It is up to the customer. Bitnotes' aim is not to conduct only a single payment. It's reusable.

[–]PotatoMusicBinge [スコア非表示]  (0子コメント)

How are you going to visit a country for the first time with absolutely zero familiarity with their currency? You wouldn't find out the exchange rate and get some money changed before you get on the plane? Nonsense.

[–]chrisrico [スコア非表示]  (0子コメント)

Congratulations, you've introduced a central point of failure into bitcoin!

[–]illuminatiman [スコア非表示]  (0子コメント)

That looks cool will check it out, thanks for you work!

[–]togetherwem0m0 [スコア非表示]  (1子コメント)

what a neat idea i love it.

[–]backslashHH [スコア非表示]  (3子コメント)

If you (the manufacturer) store the second auth factor, and get a loaded paper, you now have both auth factors. So, you can pay with this note and later on remove all bitcoins from that address.

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

Really good point! You are right. It is possible in theory. The question is are we able to scan a large number of user-issued notes? To gather them somehow? Can we operate worldwide to do it? I doubt. Even if so, it would affect only a fraction of issued notes and we would need to wait to gather a large number of user private keys to conduct this attack since it would definitely totally destroy the brand and whole business model. But the longer we wait (and gather) the bigger the chance holders will redeem some notes and make such keys worthless...

[–]backslashHH [スコア非表示]  (1子コメント)

The only way this would work, if the first auth factor would be to covered/protected with the same mechanisms as the second.

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

We considered this option too but it won't work. Every user who accepts a loaded note needs to verify that a valid user-added key is present so that he or she would eventually be able to redeem in case he/she needs to do so.

[–]varikonniemi [スコア非表示]  (2子コメント)

bits is a retarded name. Either use whole Bitcoins or SI prefixed. uBTC is immediately understood, bit is only in context, only by few people.

[–]petrsobotka[S] [スコア非表示]  (1子コメント)

Thanks for the comment. We are not happy about bits but there are many issues with whole bitcoins. Imagine a note with nominal value "0.01" or "0.001". The first target of counterfeiters is the small dot the modification of which can multiply the assumed value.

[–]varikonniemi [スコア非表示]  (0子コメント)

no-one writes 00.01 and a leading scraped off zero should be visible. The spacing would also be a telltale sign if . is scraped off and put in another place.

Also mBTC and cBTC could be used. And words like you already do.

[–]luke-jrLuke Dashjr - Bitcoin Expert [スコア非表示]  (5子コメント)

So like Bitbills, except encouraging address reuse which is a bad practice...

Why, when you could use HD wallet technology to make these a real paper wallet?

[–]petrsobotka[S] [スコア非表示]  (4子コメント)

No, no, not at all. There is no address reuse. Once loaded the note can circulate without leaving electronic trace. No other transactions until redemption.

[–]luke-jrLuke Dashjr - Bitcoin Expert [スコア非表示]  (3子コメント)

I misunderstood this then:

You add your own private keys and load the sheet with your own bitcoins. The funds will be stored on multisig addresses therefore we can't rob you.

Do these ones just come empty?

(Still think it might be better to use a HD seed anyway, since some wallet software can do multisig with it already)

[–]petrsobotka[S] [スコア非表示]  (2子コメント)

Yes, they come empty. Maybe you miss the main point: it's not primarily meant for cold storage. Its meant as a means of payment. (Since you cannot pay with a paper wallet because you could have a second copy). With Bitnotes you can, as long as the tamper evident seal is untouched there is no way to have a second copy of both keys.

Edit: correction.

[–]luke-jrLuke Dashjr - Bitcoin Expert [スコア非表示]  (1子コメント)

Got it. I was thinking of it like fiat currency backed by bitcoins. That is, I assumed you were selling them pre-loaded to be used as paper currency.

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

It can be thought of as a fiat currency backed by bitcoins, while the backing is still with you and no one can misappropriate it.

[–]idiocracy4real [スコア非表示]  (8子コメント)

What does bloated blockchain mean?

[–]petrsobotka[S] [スコア非表示]  (7子コメント)

Blocks are full...

[–]asdfx3redditor for 25 days [スコア非表示]  (3子コメント)

I could imagine that the small silver particles that are left on the qr code might screw up the detection. Or is it robust against it?

[–]petrsobotka[S] [スコア非表示]  (2子コメント)

You are probably talking about this picture http://i.imgur.com/8tdr4iF.jpg QR codes have builtin error correction. It can stand up to approx. 30% damage. (As long as the 3 main calibration squares in corners are not damaged.)

[–]asdfx3redditor for 25 days [スコア非表示]  (0子コメント)

Yes, sweet.

[–]rya_nc [スコア非表示]  (0子コメント)

Hopefully you do some extensive testing - I've seen bitcoin scratchoff things before where the private key ends up getting destroyed beyond the error correction's ability to fix.

[–]realmenlovecats01 [スコア非表示]  (0子コメント)

Those are some sweet looking bills!

[–]wesdacar [スコア非表示]  (0子コメント)

awesome!

[–]ProfBitcoin [スコア非表示]  (1子コメント)

Similar to that USB stick thing that got shit all over in the comments here recently

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

If you mean OpenDime please link the specific thread. Our product i quite different.

[–]v4vijayakumar [スコア非表示]  (1子コメント)

Can I post something relevant?

I posted last year about using real national currencies for bitcoin transactions. We also discussed it on bitcointalk.. but there was no interest at that time.

I'll try to find the link.

[–]getkaizer [スコア非表示]  (9子コメント)

multisig means i do not completely own my bitcoins. that is effing dangerous. what if the other side crashes or goes bankrupt or has an invasion or security breach

[–]ecafyelims [スコア非表示]  (8子コメント)

The other signature is printed on the paper and covered with the scratch-off.

[–]petrsobotka[S] [スコア非表示]  (7子コメント)

Exactly, the first key which is generated by us is under the tamper evident seal. In case we go bankrupt you can still redeem it. You own it and you are the only one who controls it.

[–]ecafyelims [スコア非表示]  (6子コメント)

Do I print the other key on, or do I have to send it to you for printing?

[–]petrsobotka[S] [スコア非表示]  (5子コメント)

You generate and print it yourself. That's why it is a sheet at first, not single notes. We only need to know the corresponding public key to check the P2SH address and verify it's loaded. After that we grant you a signature and you print it on the sheet and separate it to single notes. Our sig can be used for offline verification.

[–]ecafyelims [スコア非表示]  (1子コメント)

I think it would be very helpful if you make a video from start to finish showing how to acquire, print, verify, and spend the notes.

Right now, I don't know what you mean when you say "Our sig can be used for offline verification"

[–]petrsobotka[S] [スコア非表示]  (0子コメント)

You are right, we plan to make such a video. When the supporting mobile apps are ready and released we will definitely publish that video.

[–]3e486050b7c75b0a2275redditor for 7 days [スコア非表示]  (2子コメント)

After that we grant you a signature and you print it on the sheet and separate it to single notes.

wait what? i was under the impression that your private key is pre-printed and hidden underneath the holographic sticker. users generate their own private key which is printed openly. the address is 2 of 2 multisig and as long as your private key is hidden people can be sure the money has not been spent.

but what is this about a signature? you need to do a better job of explaining this because so far i, for one, don't get it.

[–]CryptoAnthony [スコア非表示]  (1子コメント)

I don't think it's multisig in the sense that we know. What he is trying to say is that BitNotes has their own signature (completely unrelated to Bitcoin) that allows anyone to verify with Bitnotes that the note is legitimate. However, this centralizes trust to BitNotes. If used like cash, they become the Federal Reserve.

[–]3e486050b7c75b0a2275redditor for 7 days [スコア非表示]  (0子コメント)

we can speculate till the cows come home. he should just explain things better so we don't have to speculate.