I posted the following question to Facebook a couple of days ago:
I hope this isn’t a stupid question, but how do people steal Bitcoin or other cryptocurrencies? Isn’t everything supposed to be kept in a “ledger” to be valid? Maybe thieves find a way to convert it to regular money or something? Doesn’t the ledger track such conversions?
I got only two answers, one from Tunisia, one from nearby.
The only way I would think of is to actually steal your private key (either by gaining access to your machine or to the storage where the pk is kept). I don’t know a way to get around if this happens.
Jacer Omri practically speaking yes. That’s it. The “anonymity” of a bitcoin transaction leans on the inability to tie a public/private key pair to a real-world identity. If you can tie a secret key to a person then bitcoin is the absolute opposite of private as every transaction is perfectly visible.
In most situations we’re worried about public/private key theft or hijacking.
Theft of bitcoin is possible through the typical ways that ledger manipulation is possible … however the combination of data validation and leader election by lottery reduces the probability of this significantly but it is still NOT a non-possibility.
In all consensus algorithms I know of, including bitcoin, if a majority of the “deciders” come to the wrong answer (a bad transaction is called valid) then it is still possible to steal bitcoin. This would also be true with regular fiat money too. Except that the “deciders” are a much smaller set of things like banks and credit agencies.
In bitcoin you would … for example … choke the network at a point to temporarily constrain the possible deciders in the lottery of deciders (I’m referring to bit mining here) to favor some of your fellow scammers/colluders then you would all agree to present the WRONG answer as the right one. This would steal bitcoins from a victim, eventually get the block sealed inside your constrained network … and create a rift in the chain of blocks.
This has actually happened several times with a few exchanges. There are remediation steps and that’s all very much like auditing in real life.
This is as best as I understand it. I do have a blockchain-related patent but I’m far from the world’s leading expert on the problem. The alternative technologies lean on a concept of consortiums … which is based on trustworthiness of the “deciders” and that’s the same basic problem shifted into a human government. It has all the same problems except it’s much easier to fire someone over it … so better? It at least saves electricity that way I guess.
My patent happens to be around ways to build consortium clusters.
George Hussein Entenman … in short: not a silly question at all. The developer analogy I use is Blockchain is very much like a git repository. Bit mining is very much like a CI/CD. And there’s a process like a merge request. The fraud prevention leans on not doing a “merge request” when there’s fraud detected.
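
The two points from the replies above, as an added example that is not part of the original post or its comments: a toy hash-linked ledger whose validation rejects an edited record and a forged signature, yet accepts a transfer signed with a stolen key. HMAC stands in for Bitcoin's ECDSA signatures so only the standard library is needed, and all names, keys and amounts are constructed.

```python
import hashlib, hmac, json

# Constructed demo keys. HMAC is a stand-in for ECDSA: real nodes verify with
# public keys only, while this toy validator holds the secrets itself.
KEYS = {"alice": b"alice-secret", "bob": b"bob-secret"}

def sign(key, sender, recipient, amount):
    msg = f"{sender}>{recipient}:{amount}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def make_tx(key, sender, recipient, amount):
    return {"from": sender, "to": recipient, "amount": amount,
            "sig": sign(key, sender, recipient, amount)}

def block_hash(prev, tx):
    return hashlib.sha256((prev + json.dumps(tx, sort_keys=True)).encode()).hexdigest()

def append(chain, tx):
    """Return a new chain with tx sealed in a block linked to the previous hash."""
    prev = chain[-1]["hash"] if chain else "0" * 64
    return chain + [{"prev": prev, "tx": tx, "hash": block_hash(prev, tx)}]

def validate(chain):
    """Return None if the ledger is consistent, else describe the first fault."""
    prev = "0" * 64
    for i, b in enumerate(chain):
        tx = b["tx"]
        if b["prev"] != prev or b["hash"] != block_hash(prev, tx):
            return f"block {i}: hash link broken"
        expected = sign(KEYS[tx["from"]], tx["from"], tx["to"], tx["amount"])
        if not hmac.compare_digest(expected, tx["sig"]):
            return f"block {i}: bad signature"
        prev = b["hash"]
    return None

def demo():
    chain = append([], make_tx(KEYS["alice"], "alice", "bob", 5))
    results = {"honest": validate(chain)}
    # Rewriting history: changing a recorded amount no longer matches the block hash.
    tampered = [dict(b, tx=dict(b["tx"], amount=500)) for b in chain]
    results["edited"] = validate(tampered)
    # Spending without the key: the signature check rejects the transaction.
    results["forged"] = validate(append(chain, make_tx(b"guess", "alice", "mallory", 5)))
    # Stolen key: the ledger cannot tell this transfer from one Alice made herself.
    results["stolen_key"] = validate(append(chain, make_tx(KEYS["alice"], "alice", "mallory", 5)))
    return results

if __name__ == "__main__":
    print(demo())
```

The ledger records the stolen-key transfer faithfully, which is why protecting the private key, not the ledger, is where the defensive effort goes.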