
from the I-knew-I-should-have-stored-it-in-my-LastPass-account dept.
A buzzy startup offering financial infrastructure to crypto companies has found itself bankrupt primarily because it can't gain access to a physical crypto wallet with $38.9 million in it. The company also did not write down recovery phrases, locking itself out of the wallet forever in something it has called "The Wallet Event" to a bankruptcy judge:
Prime Trust pitches itself as a crypto fintech company designed to help other startups offer crypto retirement plans, know-your-customer interfaces, ensure liquidity, and a host of other services. It says it can help companies build crypto exchanges, payment platforms, and create stablecoins for its clients. The company has not had a good few months. In June, the state of Nevada filed to seize control of the company because it was near insolvency. It was then ordered to cease all operations by a federal judge because it allegedly used customers' money to cover withdrawal requests from other companies.
The company filed for bankruptcy, and, according to a filing by its interim CEO, which you really should read in full, the company offers an "all-in-one solution for customers that remains unmatched in the marketplace." A large problem, among more run-of-the-mill crypto economy problems such as "lack of operational and spending oversight" and "regulatory issues," is the fact that it lost access to a physical wallet it was keeping tens of millions of dollars in, and cannot get back into it.
"In March of 2018, the Company created cold-storage wallets for purposes of maintaining cryptocurrency assets that included ETH, BTC, and ERC-20 compliant cryptocurrencies," the company wrote in its filing. It called one of these wallets the "98f Wallet," because its address ended in "98f."
"To enhance security, the Company set up the 98f Wallet so that those who can 'sign' (i.e., approve) transactions would need to be in physical possession of hand-held Trezor or Ledger hardware devices," the filing says.
The filing then states that, if the wallet is lost, most users create "seed phrases" that serve as backup codes that allow people to get into the wallet virtually: "Many users store seed phrases on hard copies of handwritten paper, images, and pictures. If a user loses both the hardware device and the seed phrases, it is virtually impossible for that user to regain access to the digital wallet."
You can probably see where this is going.
Originally spotted on Schneier on Security.
(Score: 3, Insightful) by redback on Saturday September 09 2023, @11:45AM (9 children)
I feel like this is some kind of ill-advised long con.
Wait for the spotlight on them to fade out then make off with the money.
Of course, people are going to be monitoring that wallet forever. If any of that crypto moves then they are sunk.
(Score: 1) by khallow on Saturday September 09 2023, @12:06PM (8 children)
Statute of limitations will hinder some of that sinking.
(Score: 5, Touché) by BsAtHome on Saturday September 09 2023, @12:59PM (1 child)
What is the statute of limitations on kneecaps?
(Score: 0) by Anonymous Coward on Saturday September 09 2023, @01:08PM
Are we talking New York, Chicago, or Macau?
(Score: 2) by number11 on Saturday September 09 2023, @04:06PM (5 children)
Maybe. But will they still have physical possession of the wallet? Wouldn't the act of removing contents constitute a new crime against whoever has legal possession?
Of course, this assumes that physical wallet is where the goodies actually are, and there doesn't seem to be any way to verify that.
(Score: 4, Informative) by Ox0000 on Saturday September 09 2023, @07:09PM (4 children)
What physical possession? There is no physical possession. That's one of the reasons for the decentralized part of these ponzi schemes: they who own the key own the wallet.
The wallet exists only on the blockchain, it has no physical presence.
(Score: 2, Disagree) by cereal_burpist on Sunday September 10 2023, @04:08AM (3 children)
https://blockgeeks.com/guides/best-bitcoin-wallets/#What_Is_a_Bitcoin_Wallet [blockgeeks.com]
https://en.wikipedia.org/wiki/Cryptocurrency_wallet [wikipedia.org]
(Score: 2) by Ox0000 on Sunday September 10 2023, @04:13PM (2 children)
Your answer is not wrong, but I want to add more nuance to what you're saying:
In DKR-world, a wallet is a Public-Private-Keypair; from the wikipedia link in your post with emphasis mine:
However, the 'wallet' does not contain the DKRs, it is what protects the DKRs (so it's more like a padlock than an actual wallet). The wallet doesn't "contain" the DKRs, it merely controls the ability to spend them. You 'possessing' the wallet is nothing more than you (also) having a copy of the keys, if someone else has the keys as well, they can spend out of that wallet just as well as you can.
In the normal world, a wallet is where I keep my coin (well, paper money mostly). If I hand you my wallet with bills in it, then you now have unique, sole ownership of the entire contents of that wallet and I lose ownership of said content. It's also an actual physical thing you can hold.
Whereas in the DKR world, the actual contents of the wallet are not contained in the PP-key; they're stored on the blockchain.
A safeword (which is really what the DKR wallet concept is; knowledge of it is the ability to unlock the DKRs protected by it) is not a wallet, it does not _contain_ the spendable unit. So while I can have 'physical' possession of (a copy of) the keys to the wallet, I do not physically 'possess' the wallet.
(Score: 2) by number11 on Monday September 11 2023, @05:57AM (1 child)
The physical device they can (allegedly) no longer access is the padlock, and without the key it will remain locked. Is there some reason to believe that someone else has the keys? If without the keys the DKRs can never be spent, they are in functional terms lost. Have they not become "garbage DNA" on the blockchain?
(Score: 2) by Ox0000 on Monday September 11 2023, @07:57AM
Given the frequency and regularity with which we get notices starting with "Your privacy is important to us" followed by a non-apology of how sorry they are that they are forced to tell us about a data breach, combined with the display of massive incompetence by these folks, it would not surprise me if someone else indeed does...
The actual reason for "Junk DNA [wikipedia.org]" is still to be determined and some researchers seem to be of the opinion it has a function, but we just don't know what that is yet. So let's not equate DKRs to Junk DNA.
That being said, the function of DKRs may just be to record that some marks were parted with their money, and to serve as an example to others. The wallet's 'address' will indeed exist ad infinitum (or until whenever the blockchain gets eliminated) and be marked as "these people messed up".
(Score: 3, Interesting) by DadaDoofy on Saturday September 09 2023, @12:28PM
I wouldn't be surprised if after the dust settles and investors/customers have been bilked, the key is quietly "found" and money retrieved.
(Score: 4, Interesting) by looorg on Saturday September 09 2023, @12:43PM
So there are other reasons too? Secondary ones? Still, it's some kind of negligence if you are holding $38.9 million for others but then "lose" the key or means to access them. 'The wallet event' makes it sound so trivial and benign, sort of like a bank robbery being that unfortunate incident. Perhaps they should start praying that they didn't hold funds of a more savory kind of people and organizations, so they don't have any violent event in their future. After all, these people are not known for their patience and moderation.
Which perhaps brings up the questions as this isn't the first time this happens or similar incidents make the news. How much "lost" cryptocurrency is out there? Missing wallets and passwords. Funds now unrecoverable. There ought to be large chunks from back in the olden days when it was worth nothing and people just tried it for fun and then promptly forgot about it. Perhaps not each instance is much but combined. As then it didn't take eons to do the calculations etc.
(Score: 3, Funny) by Opportunist on Saturday September 09 2023, @12:44PM
Sorry, lost the key.
Sorry, about to lose connection, that internet connection out here in Brazil ain't what it used to be back at home...
(Score: 5, Insightful) by Ox0000 on Saturday September 09 2023, @01:05PM (8 children)
Cool, the marketing department gave it a cutesy name. Such a minimizing name for a literally existential catastrophe...
I'm surprised they didn't select from this shortlist of other cutesy names (but maybe the next exploit or crypto-heist can pick from it):
- Wallet-whoopsie
- Inverse liquidity gains
- Possession Poof
- Non-Findable Tokens party
It's not a "Wallet Event", it's a demonstration of grave incompetency.
How's that whole "we don't need no stinkin' regulation" going for ya, crypto-peddlers?
I know the whole "Person P is an authority in field F, therefore, whatever they say in field F is also valid" is a logical fallacy, but I'm very open to making an exception for crypto-peddlers: if person P has demonstrated themselves to be a massive muppet(*) in the crypto magisterium, they should/can be considered a massive muppet in all other magisteria.
(*) Mere participation in the crypto world qualifies you for this
(Score: 2) by Ox0000 on Saturday September 09 2023, @01:10PM
Formatting got chomped up, the second 'F' was supposed to say "F-prime"
"Person P is an authority in field F, therefore, whatever they say in field F<prime> is also valid"
(Score: 4, Insightful) by RS3 on Saturday September 09 2023, @03:44PM (6 children)
One possibility is they stole the crypto, and without the key, nobody can know.
(Score: 5, Informative) by Unixnut on Saturday September 09 2023, @06:44PM (5 children)
Not quite, crypto wallet balances are public. If you know the wallet address, you (or anyone) can view it online and see exactly what is in it, and all transactions. What you can't do without the key is transfer any crypto out of that wallet.
So if they transferred all the crypto out of the wallet and said "Sorry, we lost the keys to it", people can see (a) that the wallet is now empty, and (b) that the crypto has been moved to other wallets. In that situation their story would not fly.
(Score: 2) by RS3 on Saturday September 09 2023, @08:11PM (4 children)
Above are references to "physical". I know it's not a physical thing, any more than this website or my words here are physical. I hear these terms and concepts, but at some point, there must be a file on a computer/server somewhere? Where does that reside? Since the "wallet" isn't a physical thing either, is it a server, app/algorithm/database somewhere? Can it be faked, such that it looks like there is cryptocurrency in the wallet, when in fact someone emptied the wallet?
(Score: 5, Informative) by Ox0000 on Saturday September 09 2023, @08:48PM
It's spread around all the nodes that store or participate in the blockchain, which is a distributed storage mechanism.
The way to think about these Dunning-Krugerrands is a bit like a git repo, because they're not that different (except that the value of things stored in a git repo is typically greater than zero): there is no one central, single place of truth, the Truth is whatever the "majority" (this is somewhat inaccurate, but stick with me) decides it to be. In the case of git repos, think of this as whatever commit the majority decides to designate as main or "this is the commit on which we will base the next one, which in turn becomes the commit onto which we place the next one, etc, etc..."
So while you may muck about with your git repo clone (your copy of the blockchain) and change whichever file you want to hold whichever value (alter the value associated with your wallet), no-one else in the universe will accept your clone or its commits as the truth and thus that change you made doesn't really exist for those who continue to use the community's repo (the 'consensussed' blockchain).
In other words, if you commit locally, but no-one accepts your commit, does your commit matter? The same is true with DKR wallets: you need to get everyone else who has a copy of the blockchain to accept your modification as truth for it to become part of the truth.
The git example above is somewhat convoluted, does not do justice to the complexity of things, and isn't entirely an accurate analogy, but it's a good enough working mental model.
So in short: yes, it 'lives' somewhere, but that somewhere is not a single physical space, it is stored in a distributed fashion, so it lives 'everywhere-ish'. There is not a single node that holds the truth, instead 'Truth' is an emergent (or even designated) property of the consensus model built on top of that blockchain.
TTBOMK, it would not be possible (at this point in time) to fake the presence of Dunning-Krugerrands in a wallet when that wallet would in reality be empty. Because that would mean I could multi-spend my DKRs (after all, my wallet would look like it has DKRs to spend, even though it is really empty). Every movement of DKRs can easily be tracked, which is by design of the blockchain. That is part of its "trust me" model, in that when DKRs are moved, they are moved so that everyone can see they have moved, and can thus be prevented from being double-spent. When DKRs move out of your wallet, its value goes wallet->value -= spent_dkrs; for everyone to see.
(Score: 4, Informative) by Unixnut on Saturday September 09 2023, @09:42PM
The easiest way I can think to explain it assumes you know how pubkey encryption works for messages. So here goes...
A "wallet" is nothing more than a pubkey pair. The public key signs a block of transactions (which represents the current state of the account) which gets added to chain of blocks (hence "blockchain").
The pubkey is represented by the "wallet address"; the private key you keep secret. Anyone can take your wallet address and send you coins by creating a transaction and signing it, the same way you can take someone's GPG pubkey and sign messages and send them to them. Anyone can read these transactions and balances, but due to the signing nobody can alter them.
Only the person who has the matching private key to a wallet can create these transactions. So the same way that if you lose your private GPG key you can no longer read encrypted e-mails, if you lose your wallet's private keys you can't send coins, in essence locking yourself out of that account.
Cryptocurrencies are effectively the application of pubkey encryption to the signing of messages in a manner similar to e-mail, except instead of e-mails we are signing transactions, and a "state" of all messages/transactions to date is kept on a chain of blocks (a linked list, effectively). Mining expends work to verify this chain, and with that expends energy to make sure nobody can unilaterally alter past transactions (the goal is to make this chain of transactions immutable).
So the closest to a "file" in cryptocurrencies is the private key. This, like any private key, can be represented in multiple ways. For example it can be a file on a machine, a barcode, a physical device (e.g. trezor) or the 15 "secret phrases" mentioned in the article (which can act as a seed to regenerate your private key).
I hope this analogy helps. It is a simplification of what goes on in the crypto ecosystem, but at its heart it relies on pubkey encryption and an ever growing chain of transaction messages to keep track of who has how much in each wallet.
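Unixnut's "a wallet is nothing more than a keypair" explanation, together with the point made upthread that balances are public but spending needs the key, as a runnable toy. This is an added example, not code from the thread or from any real cryptocurrency: the ledger is an in-memory map, an address is a hex-encoded Ed25519 public key, and the 389-unit balance is a constructed figure.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Address is the hex-encoded public key: the half you hand out to receive coins.
type Address string

// Tx is one transfer; Sig must come from the private key matching From.
type Tx struct{ From, To Address; Amount uint64; Sig []byte }

// payload is the canonical byte string that gets signed and later verified.
func (t Tx) payload() []byte { return []byte(fmt.Sprintf("%s|%s|%d", t.From, t.To, t.Amount)) }

// Ledger stands in for the public state every node can read (constructed, in-memory).
type Ledger map[Address]uint64

// Mint credits coins with no signature: a deposit needs only the address.
func (l Ledger) Mint(to Address, amount uint64) { l[to] += amount }

// Apply moves funds only if Sig verifies under the public key encoded in From.
func (l Ledger) Apply(t Tx) error {
	pub, err := hex.DecodeString(string(t.From))
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("malformed from address")
	}
	if !ed25519.Verify(ed25519.PublicKey(pub), t.payload(), t.Sig) {
		return errors.New("signature does not match the key behind this address")
	}
	if l[t.From] < t.Amount {
		return errors.New("insufficient funds")
	}
	l[t.From] -= t.Amount
	l[t.To] += t.Amount
	return nil
}

// NewWallet is just key generation; the address is derived from the public half alone.
func NewWallet() (Address, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // rand.Reader does not fail in practice
	return Address(hex.EncodeToString(pub)), priv
}

// Sign builds a transfer and signs it with whatever private key the caller holds.
func Sign(priv ed25519.PrivateKey, from, to Address, amount uint64) Tx {
	t := Tx{From: from, To: to, Amount: amount}
	t.Sig = ed25519.Sign(priv, t.payload())
	return t
}

// Scenario funds a cold wallet (constructed figure), lets the holder of some other key try to
// spend it, then spends with the matching key only if it is still held; returns the cold balance
// anyone can still read afterwards plus the error from each attempt.
func Scenario(keyStillHeld bool) (coldBalance uint64, wrongKeyErr, rightKeyErr error) {
	l := Ledger{}
	cold, coldPriv := NewWallet()
	dest, otherPriv := NewWallet()
	l.Mint(cold, 389)
	wrongKeyErr = l.Apply(Sign(otherPriv, cold, dest, 389))
	if keyStillHeld {
		rightKeyErr = l.Apply(Sign(coldPriv, cold, dest, 389))
	}
	return l[cold], wrongKeyErr, rightKeyErr
}

func main() { fmt.Println(Scenario(false)) } // key lost: balance still visible, spend rejected
```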
(Score: 4, Informative) by VanessaE on Saturday September 09 2023, @10:53PM (1 child)
No single, authoritative file or server exists that is itself the "wallet". Not unless you're talking about your wallet on some exchange, or one of those "custodial" wallets, but even then those wallets are specific to the one site they're seen on, usually independent of anyone or anything else. They're not entirely unlike your Paypal or Amazon gift card balance, really.
Rather, everyone has and maintains a copy of the public blockchain, and your normal non-custodial wallet is just an app or program that reads from its copy of the blockchain to calculate balances, listens for new entries being broadcast (when someone "sends" money), and adds and broadcasts new entries when appropriate.
You could say that the bazillions of records that make up a blockchain database are, collectively, the "file" you speak of, and since everyone has a copy, the whole relevant network is your "server". Your "algorithm" is simply the cryptographic algorithm that is used to build the blockchain, e.g. SHA256, Scrypt, etc., along with the implementation details of that blockchain (i.e. what goes into the data format for each record and group of records).
As for faking a balance, that's all but impossible, as each entry in a blockchain is cryptographically linked to its predecessor, and each block includes data (a sort of tag) which its successor will use in creating its link. Every block depends on its predecessor. Whatever copy of the blockchain is the longest is the one that "wins" and is regarded as authentic, and several identical copies of that longest chain must exist on the network for other computers thereon to accept it as legit. Further reading: https://www.investopedia.com/terms/1/51-attack.asp [investopedia.com]
Imagine having a bunch of encrypted documents that are passed around between you and a big group of colleagues, each containing something ordinary, let's say part of the schematics to a warp-capable star ship, still in development. 😀 Run one of these encrypted files through a one-way hash, and you get a key to use to decrypt its predecessor. Each new file includes a temporary decryption key, and as each new file is received, the software is instructed to delete its predecessor and accept a replacement file that's been encrypted using the hash of the new file, itself encrypted using the temporary key that came with it.
If you want to read any file in the chain, you just walk the chain from the recent end, hashing and decrypting (starting with the temporary key that came with the most recent file), until you work your way back to the file you wanted, and storing the decrypted data somewhere sane.
You're allowed to write your own documents, add them to the chain, and broadcast them, but if you wanted to *edit* one of those earlier files and try to pretend it was always that way, you would have to add a brand new document to the end of the chain to make it longer, re-encrypt everything from there all the way back to your edited file, and broadcast the whole shebang. Your altered file and everything after it would now resolve to different hashes, even if you changed just one byte, meaning you couldn't hash your altered file to get the key for its unedited predecessor. That means you'd have to re-encrypt the entire chain of files (or at least go so far back that no one would notice until it's too late), and broadcast the result.
Imagine that on a millions-of-files and millions-of-computers scale. Good luck convincing everyone else that your chain with the alterations is actually legit.
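VanessaE's hash-chain picture, and Ox0000's point upthread that a locally altered copy is accepted by no one else, as an added toy in Go. It is not code from the thread or from any real chain: SHA-256 links stand in for the encrypt/decrypt metaphor, a leading-zero-byte rule stands in for proof-of-work, and the block data is constructed. Editing one block breaks every later link; making the forged chain verify again means re-mining from the edit onward, after which every hash from that point differs from the honest copy.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// Block stores its predecessor's hash, so every block depends on the one before it.
type Block struct{ PrevHash []byte; Data string; Nonce uint64; Hash []byte }

// hashBlock covers everything a block commits to: the link, the payload and the nonce.
func hashBlock(prev []byte, data string, nonce uint64) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%x|%s|%d", prev, data, nonce)))
	return sum[:]
}

// meetsWork is the toy proof-of-work rule: a leading zero byte, about 256 tries per block.
func meetsWork(h []byte) bool { return h[0] == 0 }

// mine hashes with increasing nonces until the rule holds; any rewrite must redo this per block.
func mine(prev []byte, data string) Block {
	for n := uint64(0); ; n++ {
		if h := hashBlock(prev, data, n); meetsWork(h) {
			return Block{PrevHash: prev, Data: data, Nonce: n, Hash: h}
		}
	}
}

// Append extends a chain with one newly mined block linked to the current tip.
func Append(chain []Block, data string) []Block {
	var prev []byte
	if len(chain) > 0 {
		prev = chain[len(chain)-1].Hash
	}
	return append(chain, mine(prev, data))
}

// Verify walks the chain from the start and returns the index of the first block whose
// stored hash, link to its predecessor or proof-of-work is wrong; -1 means intact.
func Verify(chain []Block) int {
	var prev []byte
	for i, b := range chain {
		recomputed := hashBlock(b.PrevHash, b.Data, b.Nonce)
		if !bytes.Equal(b.PrevHash, prev) || !bytes.Equal(b.Hash, recomputed) || !meetsWork(b.Hash) {
			return i
		}
		prev = b.Hash
	}
	return -1
}

// Tamper copies the chain and edits one block's data without redoing any work.
func Tamper(chain []Block, i int, data string) []Block {
	c := append([]Block(nil), chain...)
	c[i].Data = data
	return c
}

// Rewrite edits block i and re-mines it and every successor, the only way to make the
// forged chain verify; every hash from i onward then differs from the honest copy.
func Rewrite(chain []Block, i int, data string) []Block {
	c := Append(append([]Block(nil), chain[:i]...), data)
	for _, b := range chain[i+1:] {
		c = Append(c, b.Data)
	}
	return c
}

func main() { // stand-alone demo: prints 1, the edited block is the first broken link
	chain := Append(Append(nil, "genesis"), "A pays B 5")
	fmt.Println(Verify(Tamper(chain, 1, "A pays B 500")))
}
```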
(Score: 2) by RS3 on Monday September 11 2023, @08:18PM
Thank you, null pointer, and Unixnut so much for taking the time to explain this stuff. If I was wealthy I'd start a tech school and hire y'all (and many others here on SN!).
So I'm understanding the conceptual, but in the practical, does one run an application that accesses the blockchain (which is out somewhere)?
How does it handle transaction processing / contention? I'm especially thinking that we all have (widely) varying Internet connection speeds. There must be a locking mechanism? And what are the timeouts?
(Score: 2, Funny) by stratified cake on Saturday September 09 2023, @01:16PM
There's already so many versions of this story, one that I read was:
- they switched to a different system
- emptied that wallet
- moved customers over to different ones
- threw away their cryptosteel as no longer needed
- accidentally told customers to use the old wallet
Truly a shame that a mere 99.999% of crypto bros who are criminal, criminally incompetent or both give the entire industry such an undeserved bad reputation.
(Score: 0) by Anonymous Coward on Saturday September 09 2023, @01:28PM
isn't this where quantum computers swoop in and break the code(s)?
(Score: 4, Informative) by mcgrew on Saturday September 09 2023, @02:01PM (2 children)
Only fools buy magic beans. Magic beans have no substance, no rational worth, nothing to back them up at all. 21st century fool's gold, and with over eight billion people on the planet there are plenty of fools.
It is a disgrace that the richest nation in the world has hunger and homelessness.
(Score: 4, Insightful) by Runaway1956 on Saturday September 09 2023, @02:43PM
Exactly. Nothing with any intrinsic value has been lost. Smoke and mirrors, some handwaving and incantations, boil, toil, bubble and brew, add in a little digital chicanery, and a "wallet" has been lost. My steak and egg breakfast at the local diner had greater value than this imaginary wallet.
“I have become friends with many school shooters” - Tampon Tim Walz
(Score: 0) by Anonymous Coward on Monday September 11 2023, @04:22PM
I hate to tell you but there's nothing to back up those folding pieces of paper you have in your wallet either. Most currencies these days only have value in the goods or services that can be exchanged for them and defined by an agreed upon "worth" in regards to those goods or services.
(Score: 2) by turgid on Saturday September 09 2023, @02:41PM
If you're daft enough to fall for that you should probably already be in a nursing home.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 4, Interesting) by deimtee on Sunday September 10 2023, @12:04AM (1 child)
Generally when a company goes bankrupt their assets are sold off to pay their creditors a few cents on the dollar. If this "wallet" is sold at that auction and the new owner suddenly "finds" the key they would have legal possession of the money in it.
One job constant is that good employers have low turnover, so opportunities to join good employers are relatively rare.
(Score: 2) by Ox0000 on Sunday September 10 2023, @04:27PM
I had not thought of this and this is a wonderful laundering mechanism. All you would need to do is make it so that the links between the old owner and the new owner are not (easily) traceable - which shouldn't be too hard.