Bitcoin is known as the very first decentralized digital currency, they’re basically coins that can send through the Internet. 2009 was the year where bitcoin was born. The creator’s name is unknown, however the alias Satoshi Nakamoto was given to this person. Bitcoin accounts cannot be frozen, prerequisites to open them don’t exist, same for limits on bitcoin bank account .
Advantages of Bitcoin
Bitcoin transactions are made directly from person to person trough the internet. There’s no need of a bank or clearinghouse to act as the middle man. Thanks to that, the transaction fees are way too much lower, they can be used in all the countries around the world. Every day more merchants are starting to accept them. You can buy anything you want with them. How Bitcoin works. You should explore bitcoin mining. It’s possible to exchange dollars, euros or other currencies to bitcoin. You can buy and sell as it were any other country currency. In order to keep your bitcoins, you have to store them in something called wallets. These wallet are located in your pc, mobile device or in third party websites. Sending bitcoins is very simple. It’s as simple as sending an email. Invest in bitcoin to get great returns.
You can purchase practically anything with bitcoins.Bitcoin Anonymity.When doing a bitcoin transaction, there’s no need to provide the real name of the person. Each one of the bitcoin transactions are recorded is what is known as a public log. This log contains only wallet IDs and not people’s names. so basically each transaction is private. People can buy and sell things without being tracked.
Bitcoin innovation. Bitcoin established a whole new way of innovation. The bitcoin software is all open source, this means anyone can review it. A nowadays fact is that bitcoin is transforming world’s finances similar to how web changed everything about publishing. The concept is brilliant. When everyone has access to the whole bitcoin global market, new ideas appear. Transaction fees reductions is a fact of bitcoin. Accepting bitcoins cost anything, also they’re very easy to setup. Charge backs don’t exist. The bitcoin community will generate additional businesses of all kinds.
What Makes bitcoin bank account So Interesting?
It begins with a text message from Verizon
Oh boy. Within seconds, I call the number and get this.“Hello, welcome to Verizon. Our offices are now closed. Our hours are between 8 and 11pm on the weekdays...”
I call again and repeatedly tap zero to try and get an operator. No dice. A minute later I get a duplicate text message.
I screenshot and tweet to Verizon Support.
Incredibly anxious minutes go by as I attempt to reach Verizon. I google “Verizon fraud prevention line” searching for a number to call and get nothing.NO PHONE NUMBER ANYWHERE TO BE FOUND
11:41 PM — Gmail signs out.
I’m completely in the dark.
11:42 PM—Coinbase password resets
My session cookie doesn’t kick me out yet so I watch this in real time.
11:34 PM—Coinbase New Device Confirmation
11:44 PM—1.18 BTC sent
11:45 PM—70.96 LTC sent
11:46 PM—16.03 ETH sent
Adios hopes and dreams fund 💸 —$8,000+ is gone in 15 minutes.The hacker deleted these emails but google recovered them
How on earth was I so blindsided?
Before we begin, its worth mentioning that yes, yesssssssssssssssssssss, I did not have enough protection around my Gmail account. I’ve used Google Authenticator before, for my personal account and for various work emails, but I stopped using it at a certain point out of convenience. I deeply regret doing so and you can certainly say, “HA, YOU HAD THIS COMING TO YOU DUDE, MY BITCOIN IS ON AN ENCRYPTED THUMBDRIVE IN A SECRET UNDERGROUND LOCKBOX COLD STORAGE FACILITY.” But there are many coin spectators out there with a similar vulnerability and, as more novices join, this vulnerability will only become more of a problem.
Of all the things that went down in the factors that lead to this hack, Verizon Wireless is what I was massively unprepared for. After talking at length with customer service reps, I learned that the hacker did not need to give them my pin number or my social security number and was able to get approval to takeover my cell phone number with simple billing information. This blew my mind and seemed negligent beyond all possible reason but it’s what they do. The main thing that struck me by the hack was the extraction speed possible in the current cryptocurrency ecosystem. $8,000 in 15 minutes is faster and more lucrative than robbing a suburban bank.
Why I was targeted
The best working theory for why I was targeted was this tweet I made last week about Coinbase.com. A friend of a friend was hacked on Coinbase and he had not heard back from anyone on Coinbases’s support team for multiple days. As a plea for help, he asked people to help get the word out on Twitter. I did, it got RTed a bunch, and to my incredible naiveté, I had no idea I was essentially attaching a “Rob me too” sign to my back.
And now, here I am. I tried to help someone get the attention of Coinbase for fraud, I got screwed, and now I’m trying to get the attention of Coinbase.com for fraud. The official Coinbase Support twitter has responded once, then a bot emailed, with a disclosure that it could be weeks before I get a single response to my question.
I have never lost money at anywhere near this scale before. I grew up in a family that is especially conservative when it comes to money and this hits on an emotional level that is hard to shake. Like many, I know that there are plenty of risks when it comes to cryptocurrency, it’s a gamble, but the one thing you don’t expect to happen is to be robbed in seconds on a site with a cleaner user interface design than Chase Bank.
I have no idea if I’ll be able to recover any of this money but I figure the one thing I can do with this feeling of rage/sadness is try and unpack the vulnerabilities so others get less screwed.
Things Verizon Wireless can do
- Add additional layers of scrutiny to any person calling in and requesting to ‘swap phones’. General billing information was sufficient to transfer my number and I was floored by this. It is insane that Verizon, and other wireless companies, haven’t made real efforts to counter this hack and even more crazy that they haven’t been sued for gross negligence.
- Make urgent text alerts actionable through SMS. If I received the original alert and was able to text a reply stopping it, or even delaying it, this entire hack would have stopped in its tracks. Instead I was told to ‘immediately’ call a number for Verizon that no one was there to answer.
- Make the Verizon Fraud Hotline accessible and visible to your customers. It took 45minutes of irate Twitter DMing before I was able to get the number I needed to contact a real person at Verizon. For anyone searching for this in the future, the number is 1-(888) 483–7200.
- Tell your customer what happened with their account. I spent a few hours with Verizon support being bounced from the Fraud Department to the Legal Department to the Consumer Support department. I got very little from anyone, they would not release details of the call unless I hired a lawyer to represent me.
Things Coinbase.com can do
Dear God Coinbase. Where do we even begin.
- Make enabling Google Authenticator a *requirement* for storing any coins on Coinbase.com. SMS 2FA is broken but deceptively secure, especially to new comers.
- Make a 24–7 fraud hotline available to your customers. Twitter and email are broken mechanisms for response when speed is of the essence.
- Significantly limit the number of new users you accept on your exchange until you have the support resources to cover them. You gained 400,000 users in 30 days, FOUR HUNDRED THOUSAND, and many of these users are extremely new to security.
- Put basic fraud protections in place when someone logs into an account on a new device then attempts to liquidate an account. A one hour delay could have stopped this hack in its tracks.
- Make the default modes for transferring coin significantly more paternalistic for new users.
- Create an insurance policy for personal accounts. Yes, this policy would be extremely vulnerable to fraud but this is your core competency, find a way.
Things you can do to secure your coins
In the wake of the attack, I reached out to friends with lots of experience in cryptocurrency and these are their tips.
- Don’t talk about Bitcoin Club. Don’t talk publicly online, with your real identity, about your trades or the exchanges. I know it’s too late for some (certainly for me!), and it shouldn’t be like this, but this makes you less of a target. Even if your coins are properly secured.
- If you are going to post on reddit, twitter, etc about cryptocurrency, use a far removed pseudonym.
- Use a separate, secret email for your coin accounts and do not forward the alerts to your personal email account.
- Use 2FA — SMS doesn’t count. I had no idea how easy Verizon and others make it for people to swipe your phone with basic information within minutes. Make sure you use GAuth or Authy or something else supporting TOTP tokens; consider a FIDO U2F device as well for your gmail account.
- If you insist on leaving your money on coinbase.com, then store it in their “vault”. This will give you a buffer of a couple days before any of your stuff can be touched, at least it won’t be gone immediately.
- Call your cellphone company and tell them you are likely to be targeted for social engineering. Request more scrutiny for making requests.
- Store your coins on a physical wallet. Technically, any money you have in an exchange isn’t yours — you simply have an IOU from the counter party. Best practice for keeping your coins safe is with a hardware wallet like the Ledger Nano S. This is only $60 or so and means that someone will need to physically enter a pin and confirm a transaction or steal your backup seed to access your funds.
I’m not giving up on crypto
I joined Coinbase.com in 2015, have had various positions of BTC over the years and have seen hype come and go. I think we’re nearing a real inflection point with adoption but we’re in a dangerous place as the cost of BTC/ETH skyrockets and noobs hit the market.
Four-hundred-thousand people have joined Coinbase.com in the last thirty days. This group has vastly different security needs and expectations than the original 400,000 who joined Coinbase in 2012. If this new group isn’t protected in aggregate, lawsuits will fly, financial lives will be ruined, and the dream that bitcoin will eventually hit $50,000 will become a dim fantasy. Check out the Coinbase reddit if you want an additional taste of what’s happening.
Despite this, I’m willing to bet that Coinbase, or someone else, will significantly evolve and eventually figure it out. Many of the problems that lead to my hack on Coinbase are addressable with more paternalistic software, fraud detection and an adept support team reachable 24–7. The beauty of the blockchain is that you can create a consumer offering on top of it that operates much more like a bank and it can exist next to an exchange suited for someone buying and selling huge, risky amounts each day.
It’s hard to understand how brutal it is to start over with this level of rapid financial loss unless you’ve been there yourself. The BTC I had in my Coinbase was collected over years and the ETH and LTC position were more recent. I blame myself for not doing enough security research and I also know that these openings are incredibly common for others. Unless huge changes happen, so many others are likely to get robbed and the reputation of cryptocurrencies, in general, will degrade. The only thing that’s really around to protect these newcomers is the cryptocurrency community itself. Please let my ample misery be a raw warning sign. Inform your friends. Don’t trust Coinbase defaults. Don’t think it won’t happen to you. Stop reading this and secure your coins right now.
Legal. Many have encouraged me to find a lawyer to work through some options in action against Verizon and Coinbase. If you know of a lawer or firm who might be good, please shoot me a DM (my DMs are open). I don’t have many resources to pursue this so any general advice would be helpful.
Class action lawsuit against Verizon and/or CoinBase.com. Apparently there is already a lawsuit in motion (am learning more about it). If you have also been affected by a similar situation at CoinBase, message me, so we can share stories.
Donations. Wow. Some very generous people in the bitcoin community have asked about donating to a tip jar or helping fund a lawsuit. This is awesome of you and massively appreciated.
LTC: LbZnJ8QWc581bm6iu6STpbKVq9RDv1Yqbd (currently at ~$250 USD)
BTC: 188itMZTQx1PcbuCdpjBkdBLUKjJRcdPoj (currently at ~$280 USD)
Hugggge thanks to @BTCXBTDEV.
Bitcoin Cash Difficulty Adjustments
Jesus H. Christ folks. I’ve put off doing this one a little bit, in part because I’m a bit depressed/disappointed/confused/? in the direction this is headed. As always, I’ll leave my opinions until the end, so those of you who are strictly reading for the data herein can click “close” when I start ranting.
The Basic Attention Token ICO, lead by Brendan Eich, is an attempt to tokenize human attention on the internet. The ICO was certainly highly anticipated by the community, which I believe exacerbated the trends we’ve been seeing from the ICO space, as shown by my previous articles covering the Gnosis, TokenCard, and Aragon ICOs. Go read them, this one will cover that same information, and a bit more.
Here is the summary on the ICO specifics:
- Desired Cap: 156,250 ETH
- Start Date: Block 3,798,640, approx. May 31, 2017, 8 am PDT
- Potential Investment Window: 30 days or until cap met
- Practical End Date: Block 3,798,642 (timeframe of 3 blocks)
- Technical End Date: Block 3,798,720 (small fry txs to get to cap)
- Total Supply of BAT: 1.5 billion
- Total BAT for Sale: 1 billion
- BAT Development Pool: 200 million
- User Growth Pool: 300 million
How’d I Do It?
This was all done using Project Jupyter notebooks and the Pandas package. The transactions were retrieved using my Python bindings to the Etherscan.io API (tagging Matthew Tan). The methodology is very similar to my previous articles mentioned earlier, and the Jupyter notebooks of all of it can be found in a new Github repo.
In particular, I retrieved all transactions from the BAT contract address from Etherscan.io, and parsed out the ones that had an error or had a value of 0 ETH. This is my dataset. All conclusions and numbers are derived from that. That being said, the plots include all transactions, included the ones that had an error. I find it interesting to see the behavior of the contract with those that try and interact with it.
Let’s look at some stats from ICO:
- Total non-zero successful txs: 185
- Total unique addresses: 184
- Total tx fees paid: 70.15489 ETH
- Current num BAT holders: 2222 (as of June 5, 2017, 8:40 PM EST)
Practically speaking, the ICO was finished after 3 blocks. 99.9996% of the desired 156,250 ETH was put in by then. Below is a list of the top 10 contributors. The remaining successful txs are just people who asked for a small enough amount to get their transaction in.
Note that some have said the large transactions were the team itself that were the reserved pools. THIS IS NOT CORRECT. These are investors buying from the Token sale. The reserved pool amounts are outside of the tokens that were for sale. Go look at the website, it clearly states the breakdown.Top 10 contributors
Some lucky/smart bastard got two transactions in! His address is 0x001934d46ef025ec18f292f4c5f42ec85f2deb26 and here are the deets:
Ok, let’s look at the investor distribution, like we’ve done in the other breakdowns. Even though its a bit of a misnomer this time, it’s kinda my thing now, I guess. The first is the table, the second is the plot:Interactive Version: https://plot.ly/~CoreyPetty/186/percentage-vs-investor-group/
With only a few people getting into the ICO, its quite clear the vast majority of people who actually got to invest were large ETH amount contributors, and they were prepared.
Before I start my rants, if there is more data that you’d like to see in particular, leave a comment and I’ll try and add it. It isn’t that difficult for me to produce information from the raw data. If you’re capable, I invite you to do it yourself. You have access to what I’ve done and how I’ve done it through my github, use it, and answer your own questions! If you don’t know how, ask. I’d like to think this community has a strong desire to help others understand what we’re trying to build.
Thoughts on Trends in the Space, Some Warnings:
Guys… what the fuck are we doing?
It’s quite clear that the trends of the ICO space are getting a bit out of hand. Yes, I’ve only done analysis on the largest ones, and it can be said that BAT is one of the most legitimate ones. Brendan Eich’s track record, the Brave Browser actually exists and is in use (I personally use it for about 30% of my internet browsing), The amount of press, time, and instruction the team gave investors. All of these helped contribute to its quick sell out.Selling all of your tokens to a few individuals is not the point.
I think we can safely assume anyone that got into the BAT ICO isn’t planning on actually using BAT. I’m going to go out on a limb and guess that almost every single person who participated successfully is attempting to distribute the BAT they bought in order to make profits when they hit exchanges, taking advantage of the FOMO of these times.
I’m cool with making a buck and smart investment strategy. I can’t really blame the people who are doing it here, it was clear that was going happen if anyone cared to look at past ICO results. I blame those creating the ICO terms. The number one rule of blockchains that involve value transfer is that if it can be gamed, it will be. If your goal is to distribute your token to those who are interested in what you’re trying to do, then it is your responsibility to structure your platform so that the people you’re trying to reach are able to reach you.
Something else of note. We have no idea if the people actually doing the ICO aren’t investing in their own platform and making a profit off themselves twice. I don’t see why they wouldn’t. (pure conjecture, but clearly a possibility)
There are negative consequences if we continue along this road, namely:
- The FOMO associated with very short window, high value ICOs will artificially inflate the value of the underlying project, and fund a project with far too much money as a start-up. This doesn’t align incentives to provide a quality product to the end-user. If you raise that much money as a start-up, you’ve won. What do you care? You are required to have an extraordinary amount of ethics to continue to the best of your ability.
- This artificially inflated sense of scarcity boosts the price, and thus the underlying valuation of the project which they can’t operate it. It strangles them.
- If the standard moves towards this behavior, we won’t allow people to do enough due diligence. Investors will just throw money at every project, hoping one will stick. This creates an environment that’s ripe for scamming or poor quality ideas getting funded. A shitty white paper is not enough for millions of dollars of an investment.
- Eventually, some of these projects will fail miserably, and people will lose a significant amount of money. More than likely, the majority of these projects will not be able to produce what the set out to, leaving their community holding a depreciating bag of shit.
I love the idea of a token that represents the API key to your platform, and as your platform grows, those that add value to it get rewarded. There are plenty of ways this new model of business is going to change the world, but we’ve started off on the wrong foot, and the investors and scammers are going to do everything in their power to ruin it for us. This road can potentially ruin us at the very worst, or just set us back for a long time when something inevitably goes wrong.
Maybe I’m just being cynical, but I doubt it. Hit me with your thoughts.
Holla at ya Boi!
I do this because I’m curious, and feel this type of information is lacking. We need to keep an eye on “where the money comes from” as we build this community out.
As always, come listen to The Bitcoin Podcast and BlockChannel to hear me talk to people in the space about what they’re doing. Our slacks (TBP and BlockChannel) are always welcome to the community as well. I’m always present in them to talk.
If you don’t like slack, hit me up on twitter at @corpetty or email me at firstname.lastname@example.org
Throw me some duckets of you like what I’m doing, and have some to spare. The donations definitely help me stay motivated to do these:ETH and ERC20 Tokens
ETH and ERC20 tokens: 0x8F53781799515e5dc8f5D00C528940cAe99aC969BTC Address