Ah, good ol' cryptocurrency! A typo just made $36,000,000 of it vanish!

[thewayne]

This is a heck of a story.

Cryptocurrency is bound to a blockchain ledger that makes everything unchangeable, immutable. This concept is key to what happened. Everything that happens is bound to these blockchain ledgers. Once a transaction is posted to the immutable ledger, it's done. It cannot be changed. Well, sometimes it can, but it's extremely hard. And in this case, probably impossible.

Hashes are also a critical concept. It's sort of a checksum, a computed value that says that a particular value is valid and has not been tampered with. So you have a file, or token, that contains the transaction, plus a file that contains a hash of the transaction to validate it.

There's a third thing: wallets. Wallets are sort of like password managers, an electronic file that contains your cryptocurrency. I don't know if all cryptocurrencies have community wallets, this particular one does.

The Juno cryptocurrency had a problem. And at this point I'm just going to quote the article.

A community vote had decreed that around 3 million Juno tokens, worth around $36 million, be seized from an investor deemed to have acquired the tokens via malicious means. (This in itself was a big crypto news story.) The funds were to be sent to a wallet controlled by Juno token holders, who could vote on how it would be spent.

But a developer inadvertently copy and pasted the wrong wallet address, as reported by CoinDesk, leading to $36 million in crypto being sent to an inaccessible address.

What happened was the developer was sent the wallet address plus the hash of the address. Sadly, he entered the hash of the address, which is invalid. And it was written to the blockchain. And all them Juno coins are now forever inaccessible.

So the 'investor deemed to have acquired the tokens via malicious means' no longer has them, and neither does anyone else.

Cryptocurrency. Vanished into the bit bucket.

https://www.cnet.com/personal-finance/crypto/a-typo-sent-36-million-of-crypto-into-the-ether/

Comments

[elayna]

I've seen a couple of things lately about governments trying to figure out how to take cryptocurrency and I just... please don't. This stuff needs to disappear like Betamax.

[thewayne]

I was very disappointed to see California going pro-crypto.  Texas, not surprised.  But CA is supposed to be environmentally-friendly, and crypto is anything but!  Crypto and NFTs need to die in a fire, preferably in the heart of the sun.  Betamax at least was a good format, the mistake Sony made was not licensing it until it was too late.  The technical specs were far superior to VHS and Betamax continued to be used by broadcast stations basically until rewritable DVD and digital formats swept everything away.

Wow.

[kathmandu]

I got as far as "ut a developer inadvertently copy and pasted the wrong wallet address" and was reminded of Oliver North transferring illicit funds to the wrong numbered Swiss bank account. And then this turned out to be even more dramatic, equivalent to setting folding money on fire.

Re: Wow.

[thewayne]

Pretty much.  I remember Oliver North and Iran/Contra, but I don't remember him sending it to the wrong account!  I'll have to look that up!

Re: Wow.

[thewayne]

I looked up a few articles. It seems that the account for the Contras started with 386 and a typo rendered it as 368, or vice-versa. One article said the owner of the wrong account 'immediately went to the authorities', another said he was a shipping multi-millionaire who was expecting a large transfer and didn't notice it, so he transferred the money out into an investment and it earned a quarter mill or so.

The Swiss banking system and gov't ignored congressional investigators unless the Sultan of Brunei asked for his money back, then they were able to identify the businessman and the money was returned. I wasn't able to find whether or not any charges were laid against him, but it doesn't seem so.

Re: Wow.

[kathmandu]

That's about all I remember myself. But at least that time, they could ask for the money back.

With this bitcoin thing, there's no one to ask. It kind of sounds like they found a digital equivalent to setting money on fire.

[dewline]

And there are still people who want us all to go in on this stuff?

[thewayne]

Makes ya feel all warm'n'fuzzy and wants you to empty your bank account for it, doesn't it?

[disneydream06]

I have never understood Cryptocurrency. :o :o :o
And this is a good excuse not to get involved. :o
Hugs, Jon

[thewayne]

Oh, most definitely!  I have a moderate understanding.  I wouldn't touch it.  I'm with Warren Buffet: there is nothing real behind it, nothing tangible.

[disneydream06]

That's one of my thoughts about it. :o :o :o

[squirrelitude]

Naturally, it's still reversible; they just need a hard fork or whatever that declares that transaction to be rolled back. It's all based on having enough people sharing a consensus reality, and that reality can be... changed.

(And it's *hilarious* when that happens.)

[thewayne]

There is, of course, the small problem of lots and lots of transactions continue to be applied every second after that point, and forking at the bad transaction point would, I think, cancel everything else done after that.  At least I would think so, based on my experience as a relational database guy experienced in transaction log functionality.  If those transactions did not go away and the hash application is directly undone, you've just demonstrated that the immutable transaction log is, in fact, not immutable.  Big problem either way. Pass that popcorn!  Extra butter, please!

[squirrelitude]

Oh, I don't mean rolling back -- what they could do is hardcode the intended transaction into the protocol. The balance magically appears in the intended address for every node that agrees to this, and the unintended one is marked as never-valid (just in case).

On the one hand, this would actually be a totally reasonable thing to do if everyone agrees it is OK. On the other hand, it pulls back the veil on something that most cryptocurrency fanatics would rather not think about: *All* transactions are reversible if enough people decide they are. :-)

EDIT: This is essentially what happened with Ethereum a few years ago: https://www.coindesk.com/tech/2016/07/20/ethereum-executes-blockchain-hard-fork-to-return-dao-funds/ Everyone likes a "smart contract" until someone finds a bug. And yeah, extra butter. :-P

[thewayne]

Okay, gotcha.  Still, a very risky proposition.  Myself, I am not remotely a fan of crypto because of the energy costs.  But seems to me if they hardcode it once - regardless of consensus, that shows that it is mutable and people can and will figure out how to force transactions into it in the future.  Very steep and slippery slope to venture upon.  Criminals have a much greater motivation than altruism to figure out how to do things - greed.

[squirrelitude]

Same -- I thought Bitcoin was interesting at first, but then it became obvious that it's literally designed to waste as much energy as possible, and to be effective at doing so. Pretty awful. And I have yet to hear of a replacement mechanism that isn't bad in some other way.

I *do* want a convenient way to send people money electronically with low fees. But I guess we still don't have one! And maybe we won't: Money is always fraught, reversibility turns out to be a desirable property, adjudication (in one form or another) is always going to incur costs, and costs have to be folded back into the transaction mechanism.

[thewayne]

And crypto has been proven to be not remotely anonymous if the gov't really wants to find out who made the transaction.  It's also just too volatile with no reality behind it, too capricious.

[squirrelitude]

The really funny part for me is all the people who *think* they want the libertarian utopia of absolute irreversibility, an absolute onus on the holder of money to protect it, zero regulation, complete untraceability and anonymity, etc. -- and then are shocked when they find out what that's actually like.

(What's even funnier is that it's not actually untraceable or anonymous! Pretty persistent myth.)

[silveradept]

If you're going to design a system that can have those kinds of things destroyed or where a typo causes a severe amount of things to disappear, then that should make it pretty clear that the whole system is based way more on a fiat than any of the people who want to insist it's better than the current fiat system.

[thewayne]

The thing that I don't get is this is a primary design flaw!  It should recognize that A is a wallet address and B is a hash so such a thing couldn't have happened!  If I owned Juno currency, I would liquidate my holdings immediately.  And based on the ledger being immutable, can such a problem be fixed so it cannot happen again?!  Potentially much more popcorn may await the future with this one.

[silveradept]

Supposedly there were validators, but the bad transaction passed them all, which tells me someone in the design phase insisted that there should be no identifying features between a wallet and a transaction hash, such that you could program software to go "nope, that's 15 digits instead of 16, that's not a valid wallet destination" or any other similar thing. Probably because actually designing with that kind of error-checking in mind would make the people who believe that crypto tokens are seeeeeeecret and anonymous not want to invest in them, because then The Man could easily tell what's what.