I'm asking regardless of practical enforcement of those regulations, because I want to understand the risk model here as people actually using the app perceive it. Are the people regularly using it under the impression that the government will help claw back or recover lost or stolen funds, or is there widespread understanding that it's irreversible?
> I'm asking regardless of practical enforcement of those regulations.
From public information and press releases it doesn't seem like they do.
- For starters the password is just a six digit number. So it doesn't follow the same account security recommendations required by the regulator for every other financial institution in El Salvador.
- Every financial institution in El Salvador is required to publish their corporate information on their website, including their financial statements and board of directors. But their website doesn't even publish their address.
- The app is not a member of the local deposit insurance scheme (IGD). But the app is the financial institution with the most clients in El Salvador. 3 million, compared to 1.5 from the rest of the financial sector
> I want to understand the risk model here as people actually using the app perceive it
> Are the people regularly using it under the impression that the government will help claw back or recover lost or stolen fund.
I don't know. I mean, all other banks are required to publish customer service statistics, including how many credit card chargebacks they do and how many fraud complaints they receive. But the app doesn't do this as far as I know.
- Users need to understand public/private keys so that the can rotate keys whenever necessary. They should have had users generate the wallets empty and then have them authenticate as a second step to get the payout.
- Maybe you need government-authored software to carry out the business of government, but since the chain is public and the keys can be used for signing things other than transactions there's no need for that software to ever see your private key. You ought to be able to handle everything you need by sending signed messages to the government app or having the government app examine the chain.
- Pairing an ID number with a photo of a face is not a valid authentication step. Neither of these things are secrets. You're going to need a government employee to look at the ID and the face before they accept the key, that way when skulduggery ensues, that employee can be found and questioned. Relying on non-secrets to do the job of secrets is a bad idea--as everybody who has a ssn knows.
There's this project called Worldcoin which gives you "crypto of the future" for registering your retina and more "crypto of the future" for setting up "orb" devices to scan other's retinas.
And even if they were, I'm not sure one-key-per-human is what you'd want. I think we ought to be able to generate pseudonyms which provably belong on to a taxpaying citizen, but which can't be traced to the specific one. For protecting whistleblowers and such.
I have not found any confirmations so far, that People in El Salvador are actually using Bitcoin. For all I know it could be Government fiat that is denominated in Bitcoin.
Does anybody here know more about it?
Chivo -> Chivo transfers are not done with Lightning, or ok the blockchain itself. Govt is not obliged to back the amount of “Bitcoin” in all the wallets by any specific amount.
There are, I believe, gateways to both LN and the BTC blockchain itself. So you can transfer funds to/from Chivo with a real Bitcoin transaction. But sending to another Chivo user is just handled by Chivo centrally.
The article is confusing because it mentions missing funds but not whether there are any transactions by hackers or scammers.
Non-custodial would mean you held your own keys etc.
Difficulty in proving something happened doesn’t suddenly make it legal.
As the thief, you could only plausibly claim you mined it if you stole it from someone who did (as otherwise there would be a history of UTXOs). Depending on the history of the coins in question, it could be used as evidence.
Ie if one of the last prior UTXO was associated the gov airdropping it to Alice, 65yo non-techie, still having those keys on her iPhone, and then maybe sending some to her nephew and spending it on a webshop order shipped to her home address, and then Bob, 35yo CS Phd with addiction problems... I’d say that’s more evidence than what’s needed to put someone in jail in many places. But I think as with many things legal it’d depend a lot on the circumstances in the individual case.
People have been found guilty of defrauding people of cryptocurrency. It’s not that exotic.
This made me thinking, if you want to “insure” yourself for such a potential future situation, construct a hash of an arbitrary secret, sign it with your private key, and publish it on-chain. If you’d end up as the victim in that scenario, you could present the preimage, thereby presenting proof you had control of the keys at that point in time, as opposed to gaining access to them recently.
I wonder if the Lightning wallet they’re using has enough information for its internal database to already have that, considering how Lightning channels and payments work.
There's been documented cases of coins being sent to wallets generated with empty-string seed phrases, or people using seed phrases that are easily guessable.
If I guess your private key/seed phrase, I've not accessed any network or equipment I don't have authorisation to access, I've not tricked or defrauded anyone, what crime have I actually committed?
Certainly stealing bitcoin this way would be morally wrong, but I don't see what crime you could charge me with.
This is a nontrivial system that has false positives and negatives.
However from the end user perspective:
If you have a credit card and a fraudulent charge appears you call the credit card, they freeze the transaction, contact the vendor who may or may not be able to corroborate the legitimacy of the charge, and it's done.
The alternative would be using cash, where it is not possible at all. So in comparison to the alternative, I do believe it's "trivial." That being said I regret using that word, I should've used "straightforward", instead.
However if you were using stolen cash it wouldn't really be possible. In this scenario the stolen private key and corresponding bitcoin is like stealing the cash. There's not really anyway to determine anything.
More simply: how can you distinguish someone who ceded their Bitcoin voluntarily to someone else vs someone who had it stolen from them with no centralized entities involved?
In all cases, the fraudulent money is used in exactly the same way as genuine use.
If you figure out a bitcoin private key, that doesn't give you any more right to the money than figuring out a way to guess someone's bank password. And remediation would be the same.
Even if you had someone's bank password, what will you do with the money? Transfer it to another bank? If so the wire will be reversed. Why? Because you can call someone and tell them to do so and an investigation will be done, but you will be presumed to be innocent first.
So again, with Bitcoin, with no centralized entities involved, how can you distinguish between someone ceding their bitcoin to someone else vs. it being stolen from them?
And we are comparing Bitcoin and wire fraud.
Same with MT.Gox the stolen bitcoin is being given to the people who had the original accounts.
Bitcoin is largely anonymous not because of its encryption but basically security to obscurity because that since every transaction is on one central ledger.
1. Takes the private key of the person in question.
2. Immediately sends an email to a fence or just sends the BTC to an exchange.
3. Takes the money.
In a court case you could claim the following:
The user that got their private keys stolen has record of a file containing a private key that they own which is older than the other user and has done at least one purchase with it.
If the person who stole your private key has transactions that aren't older than the original owner that's how you could argue the case.
This would be hilarious satire if the man wasn’t in charge of peoples lives.
I heard subscriptions could be done but i havent checked in years
Ever heard of fiat currency inflation?
I was merely making a point that if you think defrauding currencies is limited to crypto, you are missing the big picture that every currency out there has been smashed by inflation over the past 50 years. Look at how the dollar went downhill since it went off the gold standard. And that's within one's lifetime.
> A +45% swing this year could easily mean a -45% swing next year...
Volatility is a function of speculation. When most of the currency supply is held by speculators, high volatility. Less of that the more people actually use it as a currency.
And even with Bitcoin itself, think about what Wall Street and governments would do with securities derivatives and Bitcoin-denominated debt instruments. The supply of Bitcoin isn't actually limited by the supply of Bitcoin.
so the USD going to the ground at 6% per year is a feature? Aren't currencies supposed to be store of value over the long term, you know, over dozens of years since you need hard cash to retire?
Some inflation is normal and fine. 6% is rough but tolerable, but getting it back to 2% is obviously desirable.
thats' been much higher than that because the basket they use to measure inflation is not at all representative and does not account for the cost of energy, anywhere.
Believing the propaganda from governments does not help much.
It's far too boring to be some conspiracy or propaganda.
You don't even need to bring lizard men in the mix to understand that the government has a clear conflict of interest when it comes to reporting inflation.
You might as well say that deflation does too, since it amplifies illiquid market behaviors and is a net detriment to the economy.
I've been storing my life savings in crypto, and so far it's been phenomenal compared to my USD ones.
Deflation actually forces you to think of how to spend money more rationally, not to buy junk that will pollute the planet. (yes, I know BTC mining isn't great for the emissions, and I wouldn't recommend BTC anyway)
As an individual, deflation benefits me too. But that's because you and I are individual actors, not a government in charge of maintaining a diverse economy of actors.
To cut the entire thing short: the general undesirability of deflation is considered a settled matter in economics. Just about any resource will help explain why that is, and why we (agents in the economy) benefit from small amounts of inflation.
Deflationary grinds stupid chachki markets to a grind maybe. The stuff that pollutes the planet.
Edit: This can be explained by the disconnect between unit price (which is indeed decreasing for consumer electronics) from unit value (which is relatively stable for consumer electronics, especially post-Moore). Consumers don't care if their laptop is "worth" 40% less YoY if the laptop they hold off for is only 0.5% faster. So it's not clear where the deflation is.
No, it's not. Very few people can afford to buy new smartphones/laptops/TVs for fun. Most consider their purchase for a while, choose the right model, and then use it for a few years. Most people use these tools daily, hourly even. These are not random tchotchkes.
But pretty much everyone can buy some dumb dollar store toy for their kid, only for the kid to play with it once or twice and lose all interest.
They are everywhere, they govern pretty much all aspects of our lives. It's hard for me to name a niche that they haven't permeated.
extraordinary claim that requires extraordinary proof.
If everyone did that, then there wouldn't be enough currency in circulation to actually do work. This is known as the paradox of thrift. There is a nice version of it with baby sitting coupons:
TL;DR people can panic buy money the same way they can panic buy toilet paper, except money is absolutely essential for commercial employment and thereby cripples the economy through a depression.
>It robs people of their savings.
Well, you cannot save in money as money has no inherent value. The best you can do is let people promise value in the future which is exactly how our money system works. Think about it this way, you have money, the other person has 40 hours of free time this week. You save your money and the week is over, the other person was unemployed and couldn't do anything since you didn't spend your money. Ultimately that debt shouldn't exist and therefore the savings shouldn't exist either. The problem is that humans age but money does not. Thus, money allows you to isolate yourself from the "storage costs" of e.g. human labor and in a general sense it allows you to isolate yourself from losses in the economy.
Isn't that strange? Insisting that those losses should never reach you is quite selfish and would give you a lot of power over those who don't own money. I hope you see where this is going. People save, not because it is virtuous or good behavior, it's simply profitable to not be the one in debt and therefore being able to shove the problem onto someone else. E.g. see Germany shifting debt to Greece and pretending to be the good guy.
Now, imagine if we solved the inflation problem. 0% inflation every single year. The storage costs problem wouldn't be gone. The system would have to actively pass on storage costs and losses in the real economy to those holding money e.g. through negative interest rates. When people actively realize that their short term deposits are not profitable, they will either work less as they already have enough and let someone else work, or they save their money as long term deposits which have higher yields or finally they directly invest their money.
All three options are better than pretending that there is something where there is nothing.
The problem with deflation is that holding onto money becomes more profitable, which actively sabotages the medium of exchange function of money and directly competes with commercial employment. People can't trade and actually working by e.g. building cars doesn't bring in as much money. One could argue that deflation is the epitome of an anti work culture.
That's just not true. Money on its own is useless to people. People want to buy stuff and services. Deflationary currency just makes them think - do I really need this stuff? Inflationary currency makes you think - I better buy at least some useless junk than lose my hard earned money.
Nope, it is only profitable if there are no better investments out there. You are forgetting a little thing called the stock market. Nothing happens in a vacuum.
Why this would be barred?
It's another one to file under "words mean specific things, and abusing the language does a disservice to an otherwise reasonable point."
For example. If the government were to ban car imports, then if inflation were a tax, it would be levied by the car companies, not by the government.
When workers demand higher wages, then they would be the ones taxing the owners of money.
The only universal statement that you can make about inflation is that it hurts creditors and benefits debtors and it often does so in a way that prevents debt slavery which is why I personally am fine with some degree of monetary inflation.
My point is that creditors and debtors can be completely different people at different time periods. After world war 2 consumers had very little debt but the government had a lot of it because of the war. Nowadays young students have a lot of debt. Homeowners have extremely expensive mortgages. Companies borrow to pay out dividends or do stock buybacks. Wealthy people may go into debt for tax reasons.
Blanket statements about who is benefiting aren't really possible so being angry by default about inflation helps no one.
Completely different scale with an incredibly low fraud rate. Not to mention consumer protections put in place by banks (i.e. recoverability). This analog is disingenuous.
 - https://www.nacha.org/content/ach-network-volume-and-value-s...
 - https://www.nacha.org/news/ach-payments-have-lowest-fraud-ra...
Hence why it's not in the news...I still don't understand your point?
But instead no proportions are mentioned in a crypto fraud, just large dollar values paraded as if its unique
It is intended to distort perception and its silly
The earlier information you were exposed to is simply being assigned a higher weight arbitrarily.
Arguably, for bitcoin, the fraud rate could be said to be 0%. Every transaction was requested in accordance with the terms of request and was sent where it was expected to be sent.
PayPal used to boast of a fraud rate of something like 0.6%, but that was fraud against PayPal, and excluded payors or recipients being defrauded when PayPal just sent the money back to other.
SendBank sends $X dollars, ReceiveBank receives $X dollars. Imposter then cashes $X out of ReceiveBank (usually giving fake info). What's a scenario of fraud where this isn't the case? AFAIK there is no instance where the money simple disappears during transmission. FYI - This is why there is so much KYC done when you setup a bank account at a bank, so if you do cash out they can trace you.
> Arguably, for bitcoin, the fraud rate could be said to be 0%.
Agreed. This is exactly the problem (1) with crypto in general and (2) how difficult it would be to even calculate fraud for any cryptocoin.
Would this be fraud against ACH or just fraud against ReceiveBank?
Criminal initiates $X on behalf of Victim (or tricks them into doing so) using SendBank. Criminal then gets the money at ReceiveBank and usually withdrawals it before it can go noticed. Criminal therefore commits fraud against victim.
Since both banks are in the interest of keeping Criminals out and Victims (well just normal person/biz), they usually offer the ability to safeguard the Victim against financial harm, usually by paying the Victim money their money back and eating the cost. Hence why KYC is so important on both sides.
This is all conducted through a trust system that crypto fans love to hate because it's "centralized". AFAIK no crypto coin offers this ability because the trust system is inherently built on the idea that no person would ever be tricked into sending money to someone they didn't intend to, which is, ummm a downright terrible assumption about real world behaviors.
banks provide a user experience that makes them pretend to get the money back, a crypto bank can pretend to do the same thing, hardly a one to one comparison
It's difficult to find statistics for the percentage of money recovered from fraudulent ACH transactions, but this industry survey says that 92% of fraudulent transactions are discovered within two months (and 79% within one month). Given that NACHA allows clawbacks within 60 days, that offers a relatively bright prospect for funds recovery compared to an irreversible transaction.
Bitcoin would be calculated by value deemed as being defeauded from users onchain as payments and on exchanges, that year, and compared to a portion of its.. marketcap? or by quantity of non-fraudulent transactions?
Since bitcoin is all one kind of payment method (well lightning would be different), it would have to be compared to the other kinds mentioned in the nacha article too, ACH + ATM + Card fraud
For bitcoin I would say the data doesnt exist, but even with the headlines trying to break down just bitcoin for that year, it would be fairly low I’m thinking, even $1bn in fraudulent irrecoverable transactions would be a single digit. Percent or maybe down to a couple basis points as well just like NACHA brags about
Yep, this is a serious problem when quantifying fraud in Bitcoin and other cryptocurrencies. It's concerning in its own right that we don't really have a reliable, standard way to quantify fraudulent behavior in cryptocurrencies.
> Since bitcoin is all one kind of payment method (well lightning would be different), it would have to be compared to the other kinds mentioned in the nacha article too, ACH + ATM + Card fraud
This doesn't make sense on two fronts. First, ATM fraud is ACH fraud, since ATM transactions are settled by ACH. In other words, you'd be double-counting there. Second, payment card fraud is diversified: it's either debit card fraud (which is also ACH-settled, and thus would be double-counted) or credit card fraud, which is fraud against the lending party and has its own (even simpler!) dispute resolution process.
All told: we need actual numbers to make a coherent comparison here. In the absence of that comparison, ACH's performance on an absolute scale is admirable.
> The Fed also reported that card fraud went from accounting for less than two-thirds of the value of fraud in 2012 to more than three-quarters in 2015. “The fraud rate, by value, of card payments and ATM withdrawals combined increased from 7.99 basis points to 10.80 basis points,” the survey found.
Peculiarly about a different set of years
How on earth was ACH's design approved in the first place? It violates practically every principle of good transactional system design.
That's actually not a clawback in ACH parlance: that's just a transaction rejection, which causes the original transaction to "bounce" and enter a remediation process.
Clawbacks are done via "return records", which can be issued separately of any transaction records. Clawbacks, in turn, can be dishonored and countermanded by the RDFI. I wrote a short summary of the different rules here.
> How on earth was ACH's design approved in the first place? It violates practically every principle of good transactional system design.
ACH's design comes from the 1960s. It was designed for a time when the average American used their physical checkbook to pay for everyday items, and there was no reliable (non-military) nationwide computer network. Its design looks bad because it's optimized for forces that are currently mostly irrelevant, but used to be common: tens of thousands of tellers filing physical paper, smudged checks, typos by secretaries, delays in the mail network, the cost of long-distance calls, &c. They probably didn't even have a sound notion of a "transaction" in the ACID sense, given that Jim Gray didn't develop that particular paradigm until the 1970s.
ACH's flexibility and complexity make it look staid and antiquated compared to modern settlement systems, but it's all there for a good (historical) reason.
But as for why it's taken so long: banking in the US is, for various reasons, significantly more complicated than banking in most other countries. The US has thousands of FDIC-insured banks and credit unions, each of which operates under a patchwork of municipal, state, and federal regulations. Banks are (mostly) required to honor each other's checks and transactions which means that, in the worst case, there's a total graph of all ~10,000 banks and credit unions serving as both ODFIs and RDFIs. Transaction failures between any two nodes in that graph are a possible compliance failure, so any common mechanism is both a lowest common denominator and resists any modernization or other changes than can cause disruption.
: It's actually simpler than this, since the ACH clearinghouses serve as a central resolution and dispatch service for all ODFIs and RDFIs. But each O/RDFI still has to interpret the ACH record(s) they receive, so there's still extraordinary inertia against any changes.
a financial institution custodying bitcoin can do that too
I never hear of people paying invoices with Bitcoin.
I received half of it in Bitcoin and the other half via old fashioned bank transfer. It was a neat experiment, and I plan on accepting payment in crypto for some invoices that I send in the future as well.
Many of us have more bitcoin or other crypto than dollars at any point in time, directly onchain (as opposed to on an exchange, which can have extra steps or even the same limitations as any other financial institution). Even if we have a whole portfolio of other assets, its still not dollars available for trade.
If we want something instantly, internationally or outside of business hours or at a large amount, the bitcoin can accomplish that pretty instantly (few seconds with lightning, 1-20 minutes with 1 confirmation onchain transaction). Almost every other crypto asset can do it even faster.
Some people will never get it
There are discussions to be had about the state of bitcoin/crypto invoicing software
Bitpay’s used to be good and then they made it almost useless
I can’t recall hearing about anyone paying an invoice in Brazilian real. That doesn’t make me assume it never happens.
If my bank account can be completely drained in a way that the money can’t ever be recovered, that’s not a feature, it’s a bug.
... and I hope you realize that your bank account CAN be completely drained without the money being recoverable. If you're trying to say it can't, then might I suggest to watch some scam-baiting videos to see how those scammers operate, and how they try to do exactly that to the elderly and the unaware. You can call it a bug all you want, but it's quite possible to have your bank account drained; and, despite what others in this thread have said, an attacker can do that from thousands of miles away.
Just like with any other currency, split between cold- and hot-wallets appropriately.
Yes, you do, if you are using “cash” in the same sense in both places (physical currency).
If you use cash to mean “fiat denominated depository accounts and investment instruments” in the second case, sure, you don't hear that, but that's equivocation as that's not something that gets stolen in a mugging.
That's possible with any fiat currency too.
With crypto you can commit fraud at scale with little risk of long prison sentences due to the non violent nature of the crimes and victims are SOL.
Just like fiat you can store your crypto with an insured custody provider (and still own your own keys), which is the norm with smart people who have a decent amount of crypto assets.
At least with Bitcoin they need your passphrase.