
The largest unknown Bitcoin wallet moved nearly $1B for $0.48 in fees - timcc50
https://decrypt.co/34047/the-most-secretive-bitcoin-wallet-just-moved-nearly-1-billion
======
jpkoning
If we both join the bitcoin network, we can exchange $1B for $0.48.

If we both join set up accounts at a regular bank like RBC, we can exchange
$1B for free.

The point I'm making is that fees are not bitcoin's strong point. Any
financial network can undercut it. What _is_ unique about bitcoin is that not
everyone can get an account at RBC, but anyone can join the more expensive
bitcoin network.

~~~
grubles
Well the point is with Bitcoin you don't have to trust RBC to not freeze
and/or abscond with your $1B.

~~~
erfgh
You do have to trust yourself to have 100% flawless security because one slip
and you lose that $1B to a Chinese hacker with no hope of ever getting it
back.

~~~
thekuanysh
Why do you have to add “Chinese”?

~~~
beaner
Who cares? It could be anything. Random descriptions add flavor. Bitcoin is
also popular in China anyway.

~~~
ttam
As a Chinese, I care.

~~~
beaner
Would you have cared if they said "Russian hacker"?

------
ipython
Unpopular opinion: why do we care so much about making it cheaper for rich
people to move money around? Do we think somehow that will “trickle down” to
us mere mortals and put western union and their ilk out of business?

~~~
_jal
Even more unpopular opinion: humans should be as free as capital.

Making capital transfers easy while restricting the movement of real people
ghettoizes and traps people for corporate convenience and cost savings.

~~~
as300
Calling nationalities and cultures that arise from a group of people being
forced to live together a "ghettoization" is a bit of a stretch

~~~
qeternity
That's literally the meaning of the word...the negative connotations came
afterwards.

~~~
as300
The OP used the term in a negative sense, to justify removing all borders...

~~~
_jal
I said nothing about removing all borders. Do not put words in my mouth.

And my word choice was accurate; what you choose to read in to it happens in
your head, not mine.

------
kchoudhu
Pretty sure the fund I work for moved several billion dollars for free on
Friday...and will do the same thing again this Friday, the Friday after that,
and the Friday after that.

Cryptocurrency's obsession with fees is baffling. Fees are not why moving
money is hard.

~~~
dylkil
Whats worse is Bitcoin's security depends on high fees, but you have articles
like this celebrating low fees.

Satoshi intended for bitcoin to scale to hundreds of millions of transactions,
all paying sub cent fees. All those fees would add up to millions of dollars
per day. The fees are what secure the chain when the block reward runs out.
Around 2014/2015 some devs who worked with blockstream started campaigning to
keep the block size limit at 1mb. They succeeded and now bitcoin can only
process an average of 350k transactions per day.

In order to provide the same financial incentive to miners when the block
reward gets too small to matter, the minimum fee on the network will need to
be $25 per transaction.

But ye, horray, this whale got to send big cash for a "low fee"

~~~
johnpaulkiser
That isn't even slightly true. This debate has been settled a long long time
ago.

Running a full node is the only way to assure the integrity of the currency.
Increasing the block size decreases the number of people that run full nodes.
It's obvious to anyone who works on Bitcoin that a linear increase to
blocksize can never scale, while maintaining an open and decentralized
environment.

~~~
dlubarov
> Running a full node is the only way to assure the integrity of the currency.

Another method is to use cryptographic proofs to demonstrate the validity of a
blockchain state. A lot of newer projects are taking this approach, such as
the project I work on, Mir Protocol.

Granted, it doesn't seem like a realistic option for Bitcoin. The community
doesn't seem very open to major protocol changes, and even if it were,
cryptographic proofs for Bitcoin might be prohibitively expensive since the
protocol wasn't designed with that in mind.

------
Ansil849
For all of the talk about how Bitcoin is not truly anonymous, this wallet
demonstrates otherwise, with the apparent 'anonymity proviso' being that you
don't do too much with it, and just let the coins sit.

~~~
matthewdgreen
We're having a discussion on HN about a specific person moving a specific
amount of money around. That by itself is basically the opposite of privacy.

~~~
Jtsummers
Ansil849 already said this, but when talking about things like this there are
actually multiple related, sometimes orthogonal, factors:

Anonymity - the quality of the user being unknown

Privacy - the quality of the user's actions being unobserved

Authenticity- the quality of the user's actions being certainly the user's

Bitcoin provides pseudonymous transactions, which may approach anonymity if
the user is careful. It does not provide true privacy as all transactions are
public. But the purpose of the transactions is not communicated, though may be
inferred if the parties are identified. If I transfer $20 in BTC to a pizza
joint, you can guess that I bought a pizza, but it's just a (well-founded)
guess. It provides a high degree of authenticity in that it is a hard problem
(in the mathematical sense, unless your keys have been obtained by an
adversary) to fake a transaction.

~~~
matthewdgreen
Yes, I have a PhD in cryptography and designed two of the first privacy-
preserving extensions to Bitcoin. Bitcoin provides pseudonymity. If no other
information can be inferred about a transaction from other sources, users may
be able to protect their privacy. In practice this is extremely challenging,
and the information leakage this post is discussing is highly unnecessary, and
a weakness of Bitcoin.

------
knudsen80
How many times would you double check the address before hitting send? I would
think to minimize risk, would slice this up into a few transactions...

~~~
RL_Quine
I've been party to large Bitcoin transactions (100M USD or so). It had a team
of people involved, each responsible for independently verifying the
transaction before it was signed for correctness. It's hard to make mistakes
if you have a group of engineers who are all tasked with ensuring the validity
of a transaction with their own tools.

The fun bit is that the signer can backdoor transactions, and that part isn't
something that can be verified by anybody who doesn't have the private keys.

~~~
Drip33
>The fun bit is that the signer can backdoor transactions, and that part isn't
something that can be verified by anybody who doesn't have the private keys.

Can you explain this? This is contrary to my knowledge of reviewing the
details of a pre-signed transaction.

~~~
RL_Quine
Sure. The basic idea is that signer can choose a ECDSA nonce (k) that they
know, and leak the private key. If I choose a known nonce for my signature, I
can recover the private key from the published transaction instantly. With
some ECDSA magic, you can even produce a nonce that is only recoverable with
another key that you hold. So a hardware wallet for example can backdoor
transactions to leak the seed through the signature, or a specific key, or put
any data there that they wish. The "offline signing" defense is only good for
one way, as there's always data leaving the system which you can't easily
audit.

This is only detectable if you have multiple signers signing the same
transaction using the same private key and the same method for generating the
nonce, and you compare them before broadcasting. So perhaps using hardware
wallets from 3 manufacturers which all implement bit-identical implementations
of the signer (with RFC6070 deterministic signatures), and treating the signed
transaction as a private key leak until you've verified they all match.

For ECDSA a single bit bias in the nonce, or a single bit leakage of the nonce
through other methods is enough to completely break the cryptography. So we
could have hardware wallets that produce otherwise impeccable transactions and
signatures, but leak a bit of the nonce in the ordering of the outputs, the
lock time, the sequence numbers, and that would still be enough to steal all
of the funds.

This stuff is trickier to get right than most people imagine.

~~~
Drip33
That requires some sort of malware (or similar) installed on the
device/software creating the transactions which has access to the private key
to leak it via some predetermined way and is different from what I thought you
were saying that a pre-signed transaction could directly send funds to an
unwanted address without you knowing by inspecting the signed transaction
itself before broadcasting it.

Regardless, whatever job you have where what you've said is a legitimate
threat model sounds like the most interesting job in the space.

~~~
RL_Quine
Oh no, inspecting the transaction means you know where the money goes,
absolutely. There's just no assurance that it's all you need to be safe. Given
the amount of absurdity going on in this industry you have to be very sure of
things like hardware wallets. It would take zero effort to replace a Bitcoin
hardware wallet with one that is backdoored, so it's a very real threat to
many companies, if they know it or not.

------
RcouF1uZ4gsC
[https://decrypt.co/31956/an-ethereum-user-
lost-5-2-million-i...](https://decrypt.co/31956/an-ethereum-user-
lost-5-2-million-in-two-massive-mistakes)

And if you fat-fingered the transaction, you could have transferred $0.48 for
$1B in fees with no way to reverse that.

~~~
ShorsHammer
There's a 1 in 4 billion chance of fat fingering it.

[https://learnmeabitcoin.com/guide/checksum](https://learnmeabitcoin.com/guide/checksum)

The thing to be really aware about is insidious malware that detects valid
bitcoin addresses being copied and modifies them in place, sometimes even to
the point of including the same first/last alphanumerics to a certain degree.

You'd hopefully be using a bootable linux distro and multisig for transferring
such amounts.

~~~
pjc50
Doesn't stop you from making a UI error and entering the wrong value in the
wrong box.

~~~
Cthulhu_
Said UI could protect the user from it though, by not accepting a 'fee' value
more than 10% over the current average (for example).

------
sammycdubs
I don't want to sound like a narc, but it seems like a really good idea to
have some degree of oversight and safeguards on financial transactions of that
magnitude.

~~~
Cthulhu_
I agree, and banks + the government do just that; large transactions, or
'pattern' transactions flag up in fraud and money laundering departments and
are investigated.

But, bitcoin is free of oversight or centralized control, which was the exact
point of the system.

~~~
alexmingoia
I had my life savings (all funds in my bank account) frozen, without notice,
without explanation, and without recourse for 3 weeks. They literally couldn’t
tell me why my account was frozen besides “social security has flagged the
account.” This was at one of the largest banks in US. I never committed any
crime or suspected of one, or had any weird transactions. When I protested at
the branch asking how I’m supposed to pay rent they said “sorry”. After almost
3 weeks they unfroze it without explanation and offered to pay the bounced
check fee for my rent.

Yeah I’d rather have bitcoin. Bitcoin removes the need for banks altogether. I
don’t want the banks and government in control of my money.

~~~
enumjorge
I’d argue that with Bitcoin being volatile enough to have double percentage
point swings in a single day, that you’re not in full control of your money
with Bitcoin either.

~~~
Sargos
Most people will use stablecoins such as Dai or USDC. Bitcoin is just an
example here.

------
DenisM
I have to wonder how long until organized crime starts tracking down and
shaking down large wallet holders. The profit is clearly there.

------
btmoney06
How much did they pay in exchange fees and "slippage" to convert that to
dollars? And how long did it take to do that?

------
adsrginio
I find this a ridiculous thing to brag about. The only way Bitcoin will have
low fees _is if it fails_. Since the network does not scale, if the network
sees any substantial load the transaction fees will spike. We have already
seen this happen back in 2017 at the peak of the bubble.

High fees are, in fact, part of the security model. The reward for "mining" a
block will eventually dry up, so "miners" will be funded more and more by
fees. Unless people are paying billions of dollars a year in fees, the
financial incentive for "miners" will be too small to protect from bad actors.

Bitcoin can only have low fees if it both remains unpopular and dies before
the block rewards dry up. Recommending Bitcoin because of its low fees is
trying to sell it by predicting its failure.

------
pretfood
Dayum. That's about as much as I earn from my fiat in a year!

~~~
antidaily
$0.48?

~~~
tobyhinloopen
I think he made a interest joke, yeah

~~~
treebornfrog
Interesting.

------
tomlagier
I'm a Bitcoin skeptic, and much of my skepticism is around the practicality of
use for day-to-day transactions. Seeing low fees is very encouraging to me -
the last I had checked, fees were in the several to many dollars range.

Now if they can hammer out the volatility, figure out a simple UX, encourage
adoption at most places of business, and increase trust in exchanges for USD
conversions, I'm on board.

~~~
louwrentius
And then, what kind of important benefit does it bring us that the USD or any
other currency can't give us?

------
kim0
A transparent ledger is an invitation for mobs to threaten and torture people!
Identifying and threatening BTC owners is not that difficult. If we're serious
about protecting financial privacy, use something like Monero instead!

------
iblaine
Is it also true that he/she would have paid $480M to move $1B in BTC if it
were moved $1 at a time?

~~~
newguy1234
Bitcoin isn't good for small transactions obviously. That's why there are
other cryptos invented that have next to zero transaction fees.

------
louwrentius
Why does this mean anything. The average electronic transaction in shops and
online in The Netherlands is a fraction of the cost of that.

Maybe it's different for higher amounts of money, but it doesn't matter.

Bitcoin is a solution to a problem nobody has figured out yet.

~~~
bravoetch
The meaning is that for 48 cents, anyone may participate in a global
transaction network that cannot freeze or restrict your transactions. Banks
have a habit of monitoring and interfering with transactions because they are
heavily regulated.

------
gitgud
Are these Satoshi's Bitcoins?

~~~
SRTP
No.

We have a rough idea of which coins belong to Satoshi, based on when and how
they were mined.

Satoshi's coins are continuously monitored and have never moved.

~~~
thekyle
I always imagined that Satoshi probably lost the private keys to those early
wallets.

~~~
Jach
Maybe. But in the latest Cra1g Wr1ght drama, he claimed to the court that some
early addresses people thought might have been Satoshi's belonged to him. A
message surfaced afterwards which was signed with those addresses calling
Cra1g a liar.

~~~
centimeter
The addresses used there were not Satoshi addresses, but other addresses mined
around the same time.

~~~
sukilot
Why would Craig (falsely) claim to own not-Satoshi addresses, instead of
claiming Satoshi addresses that are less likely to be used (due to exposure
risk)?

~~~
stale2002
So the reason why Craig would do this is simple. Craig is not only a fraud,
but is also an incompetent fraud.

------
zelly
This is reckless and compromises the security of the Bitcoin network. A single
transaction worth a billion dollars starts to create incentive for miners to
51% attack and reorg the chain.

------
pcurve
so does this mean, someone paid cash or some asset worth $1billion in exchange
for the bitcoins? Or is it just simply moving from one account to another
owned by same person?

------
mordae
Joint NATO fund to pay ransomware fees.

------
bouk
SEPA transfers are free :)

~~~
ravingraven
They certainly are not. Not between countries (even if they are EU countries
and both use the Euro) and not for 1 billion Euros/Dollars.

Edit: A lot of people here are saying "I do not pay for it so it is free".
Just because _you_ don't pay does not mean it is free for _everyone_. The law
just states that fees must be the same for domestic and EU transfers, not that
the transfer is free and, there are countless examples of regions where there
are no banks that charge nothing (especially regions where a lot of intra-EU
immigrants come from).

~~~
rsynnott
> Not between countries (even if they are EU countries and both use the Euro)

If your bank is charging differently for transfers to euro denominated
accounts in other countries, complain to the regulator. This isn't allowed.

~~~
ravingraven
A) Not charging differently does not mean it is free (which was the original
argument).

B) The "target" bank can still charge you independently of your bank.

E.g. (and I do this kind of transfer very very often so I am 100% sure it is
so and I am also 100% sure this is legal): A transfer from Germany to Germany
is free. A transfer from Germany to Greece is not as the Greek bank charges a
fee.

~~~
hocuspocus
So the receiving bank applies a fee, but the fact it's in Greece has nothing
to do with anything. Don't do business with crappy banks.

Plenty of people regularly do cross-border SEPA transfers for free. I do, and
I'm not even in the EU/Eurozone.

~~~
ravingraven
All banks in Greece charge a fee. The fact that plenty of people do SEPA
transfers for free means nothing for the other people (e.g. the whole
population of Greece) that can not do SEPA transfers for free.

~~~
hocuspocus
So don't do business with Greek banks?

What stops you from doing day-to-day banking in Greece using a German account?
That's kinda the whole point of the Euro.

~~~
ravingraven
First of all, you are not allowed to have a German account if you are not a
resident of Germany.

Besides that, this is not the point of the conversation. The original comment
compared SEPA to Bitcoin, saying that SEPA is better since it is free. It is
not. There is no law that mandates it to be free and it is de facto not free
everywhere (it might be for _your_ use case but not for everyone). It is many
times a lot more expensive than Bitcoin. If I also elect to not transact with
Greek bank accounts, I exclude 99.9% of the Greek economy since I have no
influence on what kind of account my counterpart has.

~~~
hocuspocus
> First of all, you are not allowed to have a German account if you are not a
> resident of Germany.

Of course you are! Have you never heard of N26? And even some traditional
banks will happily have you as a non-resident customer.

~~~
ravingraven
Direktbanken (i.e. purely online Banks) are an exception but they come with
their own set of asterisks and are not a blanket solution as you can't open an
account from all European countries.

~~~
germanier
There is no such exception. Banks are free to do business with whomever they
wish. Direktbanken are usually probably the hardest to open an account with if
you are a resident abroad.

Deutsche Bank is well known for offering accounts to non-residents. Pretty
much any Sparkasse will open an account for you if you walk in even without a
German address.

The list of banks that _don 't_ offer accounts to non-residents is probably
shorter than the other. Granted, these are mostly the ones with the best
offers.

------
bronzeage
Taking an educated guess here, that the miner of the block which moved that
transaction must be related to the owner of that wallet. Nobody would
otherwise accept such a low fee for a big transaction. Find the miner, you
find the wallet owner.

~~~
pbhjpbhj
Oh, I didn't know transaction value was known to transaction block-miners;
that seems like a flaw. Assuming there's a bidding system, wouldn't
transaction cost tend to zero?

(Seems I need to review bitcoin transaction mining. Suggestions for a good
resource on that?)

~~~
hn_throwaway_99
> Oh, I didn't know transaction value was known to transaction block-miners;
> that seems like a flaw.

Transaction value is known to everyone, which is one of the whole primary
points of Bitcoin.

~~~
pbhjpbhj
Yes, I knew that the transaction value (and source, sink) was known after
processing it and putting it in the blockchain, just not that it was known by
the miner processing the transaction before putting it on the blockchain - I
assumed when "mining" a transaction that somehow the details would be hidden.

Them being visible seems to raise interesting attacks, such as an individual
being doxed and then unable to have their transaction verified/accepted.

A sibling comment suggests Monero have addressed this.

Edit: If 51% agree not to process any transactions for accounts holding >$1M
worth of Btc can they steal financial value? Like a stock buyback but you pay
zero to the holder and get the stock anyway.

~~~
hn_throwaway_99
> Them being visible seems to raise interesting attacks, such as an individual
> being doxed and then unable to have their transaction verified/accepted.

You have some fundamental misunderstandings in how bitcoin and bitcoin mining
work. I'd suggest reading up on one of the links a sibling comment posted.

~~~
pbhjpbhj
In the interim, perhaps you could clear up a couple of questions, as you
realise I've not studied the process for maybe 16years (I forget a lot in that
time). Are these true?

1) Those processing transactions know which wallet they belong to before they
choose to process it (this was the surprise to me presented here).

2) Wallets can be linked to people as the blockchain shows wallet holding
value and transactions. (State actors can probably correlate with bank
transactions; people in general can learn 'oh John Doe bought pizza from me
using that wallet').

Appreciated.

