Probably you all know NXT community had its main exchange compromised.
They discussed if was the case to rollback last block of blockchain to make the theft never happen:
https://nxtforum.org/news-and-announcements/forgers-have-been-faced-with-a-choice/
The rollback is an horrible thing to do and fortunately they decided not to do so but now they have 5% of the coin owned by the thief. This is a bad thing too.
What will be our reaction if (when) it happens to us?
Let justice do its own course or react?
Can we develop appropriate instruments to face such a situation?
A good instrument would be a decentralized account blacklisting method.
Or we can focus on avoiding such a situation developing multisignature accounts and rate limited accounts.
Let's have a good brainstorming about it.
I am a cryptoanarchist and I sense this is the time for my probably unpopular opinion.
Exchanges are Single point of failures in a decentralized system and people who use them ( or anything in the world of cryptocoins ) are expected to perform due diligence. The fact that 5% of all coins were stolen shows that most people choose not to do so, but if you keep a shitload of coins on an exchange and the exchange manages to lose it, dont come to me crying, it's their fault really. People wouldn't bring 100$ to a friend and say "just keep them for now, i might come someday and take them", no they keep their money in their wallets, or in a safe place, or in bank ( that guarantees them they will get their money back, exchanges dont do this), why would you hand your cryptos to a stranger who happens to run an exchange?
Solution:
We need to educate People!
If people don't store money in their exchange account, they are not going to lose it.
I am not sure about how things like account control could have prevented this, someone care to explain?
Also we need to abandon the concept of decentralized exchanges, and create decentralized ones. Yes i know this is super hard and will take very long but this is really important, and no i cant code one, sry for that but i dont really see NEM succeding without a decentralized btc <-> nem exchange.
To comment on the rollback:
I am glad the NXt community chose not to do a rollback, there aren't really situations that would justify an rollback IMO.
The idea of a cryptocurrency is that nobody can control or regulate it, if the forgers start to fork because something happend that they dont like then you are simply abandoning these principles, you couldn't even argue with "Yeah but you need a majority of the forgers to do it" because forgers != users.
These principles are what got me here, what got many users here i believe, and it's the only thing that justifies the existance of cryptos, to change things, a change that must happen in the mindset of people, and if one single exchange accumulates 5% of a crypto then i guess people dont know how to use it and we are not quite there yet, all the more reason not to stop.
If this happens in NEM it is tragic. but that's it.
A rollback is still no option, yes it will hurt the Currency, but not as much as having a currency that chose to ignore its priciples.
I am quite stubborn on this.
But i am all for helping the average user ( now you are confused 
)
It's just that if an exchange gets hacked there is'nt really much we can do.
Some poeple might remember i talked about coding a blockchain explorer once, i am still doing this ( actually its more than just a Blockex…anyway)
I had this idea once to make something that i would call a watchdog, a simple program that monitors addresses ( with the permission of the owner ) and if it detects that x percent of all the NEM in that account were spent in x amount of time it would email the user, asking if he authorized this payment, if not, or if he dosn't respond in x minutes my watchdog app would automatically publish this account on a public flagged accounts list.
Exchanges could crawl this list and if they get a transaction of one of these flagged accounts they could suspend the account that recieved it.
This was just a rough idea. There would be some things implemented that would prove to the exchange that my app was authorized by the owner to do this so i cant just flag accounts for no reason or something. Or if the coins get transfered to other accounts we could track that too… I dont have all the details worked out but this COULD help people who got their coins stolen.
Although the exchange is very much to be blamed, the saddest part about it is that it affects the crypto economy at large.
It is a case of ignorance with the rest of the population (i.e., 7 Billion of them) and the reinforced apparent notion that cryptocoin is a waste of time. We have had enough successions of bad news. When Mt. Gox went belly up, many thought bitcoin went bust! And that's the reality out there.
Anyhow, there must be a stand everyone has to take in the crypto community. Either rollback or just too bad. Either way is damaging. As a community of slightly more than 2 million of us, it is also to our interest that we want to see the usage multiply to 100 million people. With such retardations like the latest Bter saga, it will take a much longer time for the wound to heal. We had Mt. Gox and then Mintpal and now Bter all within the same year. In is undeniable that we will have more in the coming years. But all these will create a very big dent in the crypto economy.
I guess there is no straight answer to this. The current situation is that we have the two extremes of ideals. Like left and ring wing ideals. We have on one end, the real world economy that is dominated and controlled by a few and then we have on the end of the spectrum, a complete crypto anarchist. Either extremes will not benefit the man on the street.
I think the answer lies in the middle of the road solution and let the masses determine its course. In that respect, I would be more inclined to look at some centralization and at the same time, shift towards decentralization. In other words, exercise some control while working in a decentralized regime.
How does that relate to a Bter problem? If we have some body like a rating agency who'd go round checking the soundness of an exchange, then there is less likelihood of this happening. I wouldn't say it will eradicate these potential problems but the chances of any exchange coming out in better shape are much higher. The right parties that should look into this are the foundations, like the Bitcoin foundation.
I am neither for rollback nor for leaving it as is. But if I have to make a choice, I think I'd go for rolling back. Reason is, the thieves don't deserve to keep these coins either. Many of the innocent victims are young, inexperienced and probably not technologically inclined to know how to keep the coins in their own wallets. You will be surprised that there are many out there who don't know how to handle wallets. The fear of losing a wallet to virus, erasure, hard disk failure and lack of knowledge or know-how are probably the reasons why they turn to these exchanges.
We may have taken for granted just because we seem to know what to do, but many don't. And because we know what to do, we can sit back and criticize how some of these people are so silly. To me, it is important that we must know and understand why people want to put their entire "wallet" in the exchange. We also need to understand if 5% of all nxt coins in there is a reasonable amount that is kept floating in the exchange, taking into consideration that Bter is one of the only few exchanges that are handling Nxt.
Now is not the time to think as we need to act. But we should start thinking how this problem can be tackled in the future. I have no answer to that yet.
But I have hope in NEM. I must admit, it may not be a panacea, but I believe it will have some good features put in place that will deter and manage some of these problems. That's why we are naming it our "epic projects". In the design of our Fast Trading Exchange (FTE), we are in fact working on not having any warm wallets. All wallets are distributed in the user's wallets instead. So,there is no 50 million NEMs to be stolen as the FTE only does matching. The FTE does not keep Fiat or Cryptos.
We are able to do this because NEM is a flexible architecture that can allow that to happen. Its rule based accounts could prove to be fundamental and key to how NEM can be a very powerful ecosystem.
We hope to be able to realize these "epic projects" faster with the crowdsale, failing which it won't come on stream maybe until late next year.
@GreyFox
I agree with you when you say it's all Bter and users fault so we must educate people.
But shit happens the same: there always will be people thinking they knew better, there always will be people who think they have no time for security, there always will be people who think developers should take care of that, and so on… They are wrong but they are part of the community and we would better take care of them.
I like your idea of controlling abnormal outgoing transactions but has many limitations/problems:
1) is a completely centralized system: everyone shoud relay on you
2) if just one exchange/merchant/casino/whatever reject to use your blacklist the whole system is completely useless
3) users have no direct control over it: I cannot define what is a suspicios transaction for my accounts
It would be much better implement "rate limited accounts" directly into NIS, just like any ATM card and credit card has a daily or monthly maximum. My idea follows.
I send a special transaction stating my own rules:
my maximum daily allowed budget
a whitelisted destination account towards I can go over the limit
a "time to live" representing a delay between the definitin of a new rule and when it is applied
NIS shoud deny any transaction going against these rules.
As an example: I send a transaction from account XXX saying I don't spend more than 100 NEM per day, I can send more than 100 NEM per day only to YYY, I if change my mind new rules will apply after one week.
When the hacker takes my private key he can do two things: steal 100 NEM, try to change rules for my account.
I have one week to see what's happening before he takes all; during this week I can push the panic button and transfer all my NEMs to my YYY account (paper or cold wallet).
I think this would make NEM the safest crypo of all…
@GreyFox
I agree with you when you say it's all Bter and users fault so we must educate people.
But shit happens the same: there always will be people thinking they knew better, there always will be people who think they have no time for security, there always will be people who think developers should take care of that, and so on... They are wrong but they are part of the community and we would better take care of them.
I like your idea of controlling abnormal outgoing transactions but has many limitations/problems:
1) is a completely centralized system: everyone shoud relay on you
2) if just one exchange/merchant/casino/whatever reject to use your blacklist the whole system is completely useless
3) users have no direct control over it: I cannot define what is a suspicios transaction for my accounts
It would be much better implement "rate limited accounts" directly into NIS, just like any ATM card and credit card has a daily or monthly maximum. My idea follows.
I send a special transaction stating my own rules:
my maximum daily allowed budget
a whitelisted destination account towards I can go over the limit
a "time to live" representing a delay between the definitin of a new rule and when it is applied
NIS shoud deny any transaction going against these rules.
As an example: I send a transaction from account XXX saying I don't spend more than 100 NEM per day, I can send more than 100 NEM per day only to YYY, I if change my mind new rules will apply after one week.
When the hacker takes my private key he can do two things: steal 100 NEM, try to change rules for my account.
I have one week to see what's happening before he takes all; during this week I can push the panic button and transfer all my NEMs to my YYY account (paper or cold wallet).
I think this would make NEM the safest crypo of all...
This can be part of a rule based solution.
I like your idea of controlling abnormal outgoing transactions but has many limitations/problems:
1) is a completely centralized system: everyone shoud relay on you
2) if just one exchange/merchant/casino/whatever reject to use your blacklist the whole system is completely useless
3) users have no direct control over it: I cannot define what is a suspicios transaction for my accounts
1) true, that's a bad thing i agree, others could copy it but its still centralized.
2) true, but its something, and at least it would notify the onwner imediately.
3) well you could set how the system will detect suspicious transactions
But it was just an idea that [u]could[/u] help, something like this can't be the final solution however.
If Nem dosn't come up with an solution by itself, building external services that try to help would be an option worth considering, and people could use it until we got a solution in the core.
It would be awesome if we had some account control functionality in NEM, like locking an account for x days, only allow to a specific transaction or even automated transactions, and i like rigel's idea in general.
Unfortunately until either NIS becomes open source OR the devs choose to reveal some of the inner workings of NIS we cant really discuss much about what we can do or how we would implement it.
We are able to do this because NEM is a flexible architecture that can allow that to happen. Its[u] rule based accounts [/s][/u]could prove to be fundamental and key to how NEM can be a very powerful ecosystem.
This sounds very interresting, can we get more details on these rule based accounts?
@GreyFox
I agree with you when you say it's all Bter and users fault so we must educate people.
But shit happens the same: there always will be people thinking they knew better, there always will be people who think they have no time for security, there always will be people who think developers should take care of that, and so on... They are wrong but they are part of the community and we would better take care of them.
I like your idea of controlling abnormal outgoing transactions but has many limitations/problems:
1) is a completely centralized system: everyone shoud relay on you
2) if just one exchange/merchant/casino/whatever reject to use your blacklist the whole system is completely useless
3) users have no direct control over it: I cannot define what is a suspicios transaction for my accounts
It would be much better implement "rate limited accounts" directly into NIS, just like any ATM card and credit card has a daily or monthly maximum. My idea follows.
I send a special transaction stating my own rules:
my maximum daily allowed budget
a whitelisted destination account towards I can go over the limit
a "time to live" representing a delay between the definitin of a new rule and when it is applied
NIS shoud deny any transaction going against these rules.
As an example: I send a transaction from account XXX saying I don't spend more than 100 NEM per day, I can send more than 100 NEM per day only to YYY, I if change my mind new rules will apply after one week.
When the hacker takes my private key he can do two things: steal 100 NEM, try to change rules for my account.
I have one week to see what's happening before he takes all; during this week I can push the panic button and transfer all my NEMs to my YYY account (paper or cold wallet).
I think this would make NEM the safest crypo of all...
How would you detect the hacker?
Something like shitcoins could be used to "taint" stolen coins.
I suggest everyone to familiarize themselves with this idea: http://www.loper-os.org/?p=988
@GreyFox
I agree with you when you say it's all Bter and users fault so we must educate people.
But shit happens the same: there always will be people thinking they knew better, there always will be people who think they have no time for security, there always will be people who think developers should take care of that, and so on... They are wrong but they are part of the community and we would better take care of them.
I like your idea of controlling abnormal outgoing transactions but has many limitations/problems:
1) is a completely centralized system: everyone shoud relay on you
2) if just one exchange/merchant/casino/whatever reject to use your blacklist the whole system is completely useless
3) users have no direct control over it: I cannot define what is a suspicios transaction for my accounts
It would be much better implement "rate limited accounts" directly into NIS, just like any ATM card and credit card has a daily or monthly maximum. My idea follows.
I send a special transaction stating my own rules:
my maximum daily allowed budget
a whitelisted destination account towards I can go over the limit
a "time to live" representing a delay between the definitin of a new rule and when it is applied
NIS shoud deny any transaction going against these rules.
As an example: I send a transaction from account XXX saying I don't spend more than 100 NEM per day, I can send more than 100 NEM per day only to YYY, I if change my mind new rules will apply after one week.
When the hacker takes my private key he can do two things: steal 100 NEM, try to change rules for my account.
I have one week to see what's happening before he takes all; during this week I can push the panic button and transfer all my NEMs to my YYY account (paper or cold wallet).
I think this would make NEM the safest crypo of all...
How would you detect the hacker?
I can see the 100 NEM outgoing transaction if I double check outgoing transactions.
I can have some sort of alert when I'm changing my rules (or the hacker is changing my rules).
How would you detect the hacker?
I can see the 100 NEM outgoing transaction if I double check outgoing transactions.
I can have some sort of alert when I'm changing my rules (or the hacker is changing my rules).
Do it like Domain management style. Any changes user will get notified via email and need to confirm the change or transaction.
How would you detect the hacker?
I can see the 100 NEM outgoing transaction if I double check outgoing transactions.
I can have some sort of alert when I'm changing my rules (or the hacker is changing my rules).
Do it like Domain management style. Any changes user will get notified via email and need to confirm the change or transaction.
Non easy without a central authority: every NIS server should send me an email and wait my confirmation?
I was thinking of a banner in my NCC saying "New rules application in 5 days" but what if my NCC is tampered? If I've been hacked I cannot trust my system.
Makoto's question is hard to respond, more brainstorm needed...
How would you detect the hacker?
I can see the 100 NEM outgoing transaction if I double check outgoing transactions.
I can have some sort of alert when I'm changing my rules (or the hacker is changing my rules).
Do it like Domain management style. Any changes user will get notified via email and need to confirm the change or transaction.
Non easy without a central authority: every NIS server should send me an email and wait my confirmation?
I was thinking of a banner in my NCC saying "New rules application in 5 days" but what if my NCC is tampered? If I've been hacked I cannot trust my system.
Makoto's question is hard to respond, more brainstorm needed...
Deploy multisig?
I think we can do a lot to counter such things. Multi-Sig and another thing that isn't official yet will go along way imho.
Long term I hope we can replace centralized exchanges with an awesome AE 