
Relevant in these crypto days – $5 wrench attack - atrudeau
https://xkcd.com/538/
======
Ajedi32
AKA [Rubber-hose cryptanalysis][1].

[1]: [https://en.wikipedia.org/wiki/Rubber-
hose_cryptanalysis](https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis)

~~~
atrudeau
Given your attacker doesn't know your balance, using Trezor you can create
different passphrases for different wallets (
[https://doc.satoshilabs.com/trezor-
user/advanced_settings.ht...](https://doc.satoshilabs.com/trezor-
user/advanced_settings.html) ). So you can unlock a fake wallet with a small
balance to circumvent the attack.

------
nugget
This is one element that fascinates me about a crypto based monetary system.
Crypto wallets are essentially bearer assets. Modern finance moved away from
bearer assets for very specific reasons related to theft, fraud, and other
forms of criminality. In theory a thief could break in and force you to wire
out your Fidelity balance to a third party account, but in reality there is a
lot of friction and risk involved in that process. With crypto, there is much
less friction and much less risk. I read the article about Bulgaria having $3
billion in Bitcoin and at the end was just wondering who in the Bulgarian
Government has the passphrase for that wallet, and what is going through their
head watching the price rise.

------
Talyen42
Good justification for a lockout triggering mechanism built into a protocol:

Spitballing, but this could give a user a 1-month or 1-year or any kind of
lockout condition by attempting to access it with a lockout-designated private
key, along with a way to provide "proof of lockout" to deter attackers from
continuing the wrench beating.

------
ErikAugust
Aren't passwords still superior to biometrics, in this regard?

You can bludgeon someone with a wrench but they can choose not to give you the
password. Or you can bludgeon someone until their unconscious and use their
fingerprint.

~~~
zaarn
I'm fairly certain that most people on this website will happily sob their
password once they got a few dozen hard whacks with the good ol' wrench.

You can _choose_ not to tell the password while you get whacked but then
again, you're getting an awful lot of pain, misery and head-trauma, so very
few people will act rationally.

And we haven't even started with the electric shocks yet!

------
brndnmtthws
Frankly the same thing applies to your ATM card. All the more reason not to
broadcast your net worth to the world.

~~~
atrudeau
Your bank imposes withdrawal limits. I imagine it is for this very reason.
This would be a interesting idea for Bitcoin. On Ethereum this might already
be possible with a smart contract.

~~~
AstralStorm
There are also card lockout procedures (usually not destroying funds) and
dispute procedures.

