I love the concept of cryptocoins. But in practice, there are some enormous hazards that make it not worthwhile IMO. This is just one such hazard, but by now we've seen several flavors of "this custody/storage mechanism failed to securely store some wealth." If securing it yourself, it's so easy to mishandle and either destroy your wealth or have it stolen. If delegating it to an "expert" you risk the custodial agent falling victim to theft/exit scam/ineptitude. Does any third party insure these agents?
Having a government-insured bank deposit means that I've never had to think about this in my lifetime. It's a problem that I don't need.
embedding-shape 20 minutes ago [-]
> Having a government-insured bank deposit means that I've never had to think about this in my lifetime
I think "in my lifetime" is the key here. Probably banks weren't as foolproof initially as they are today, and was a bit wild west too in the beginning.
With that said, I do think cryptocurrencies are still in a "exploring" phase and it's been way oversold on what it could help solve, especially by people who are looking to make a quick buck. Which is a shame, because the technology itself does have useful applications.
game_the0ry 2 hours ago [-]
Sort of a double edged sword there. A big part of the appeal of crypto money is that there is no "centralized daddy." The upside is that your property can't be confiscated by "centralized daddy." The downside is you can lose your keys.
People who do not understand that trade-off have no business buying crypto.
simonebrunozzi 1 hours ago [-]
> The upside is that your property can't be confiscated by "centralized daddy."
Really? Most crypto is not anonymous, it is at best pseudonymous. If a big enough government agency wants your crypto, they will get it.
sunshine-o 3 hours ago [-]
> Having a government-insured bank deposit means that I've never had to think about this in my lifetime. It's a problem that I don't need.
Government-insured bank deposits are mostly BS, the fine prints say they have about 10 years to reimburse you and in case of a systemic failure good luck.
In case the bank app, their "system" or your computer is compromised most banks will not reimburse you. It is very easy for them to say you were ultimately responsible for the hack. Very few banks have the policy of taking the loss and it is hard to know which one still do that unless you know someone in their fraud department.
citiguy 2 hours ago [-]
I was a victim of bank fraud a couple of years ago. My bank was totally at fault (I caught it, not them) and they reimbursed me in full.
From what I understand, government insurance goes more towards bank failure, not fraud.
m4ck_ 2 hours ago [-]
even if that's the case re: government insured banks.... Maybe it feels more secure because there is someone to hold accountable if/when it all falls apart. People can show up in DC with pitch forks and vent their frustration; good luck tracking the stateless billionaires behind a company like Binance through Micronesia/the Caribbean/Seychelles/whatever island paradise they stashed their cash on.
saubeidl 1 hours ago [-]
I believe cryptocurrencies are an in-vitro experiment on free market ideologies and that's why people are so split on them.
I think of them as primarily an ideological technology, designed to establish the primacy of free market capitalism over any sovereign law.
I think that is why people still hold onto them, despite nothing but scams coming out of them so far.
As somebody who doesn't think unrestrained free markets are a good idea, it feels like the capitalist monkey paw: Finally, there's completely unrestrained uncensorable money. Unfortunately, the result of that is what every advocate of regulation would've told you: Nothing but scams.
Ironically, the phrase capitalists use to describe why socialism can't work - "doesn't account for human nature" - has been proven to apply to their preferred ideology.
They got what they wanted and turns out it sucks. The technology that was supposed to establish the primacy of their world view ended up disproving it instead, plunging them into ideological crisis.
They have no choice but to double down despite ever more evidence of free market failure. There's a certain ideological cost sunk fallacy going on - to admit error and change ones ideological framework completely would be too painful, so they keep waiting for redemption.
Just my grain of salt as a socialist.
addams 4 hours ago [-]
One of CZ's tweets hints at an insider threat, but Trust Wallet was one of the GitHub organizations pwned by Sha1 Hulud. What are the odds this is a fallout of that?
amelius 1 hours ago [-]
I'm sure users lost more than $7M over the last few weeks just by holding Bitcoin.
amelius 1 hours ago [-]
Somewhat related question. Anyone else using a crypto wallet as a way to detect intrusion?
3eb7988a1663 3 hours ago [-]
That is a great domain name.
petesergeant 2 hours ago [-]
As anti-crypto as I am, it’s worth pointing out that users aren’t out a penny - binance will reimburse them
simonebrunozzi 1 hours ago [-]
> Binance founder Changpeng Zhao — who supposedly has no managerial role at Binance after he and the company were criminally charged in the US — announced that Binance would reimburse users who lost funds.
100% sure about this? How?
29athrowaway 2 hours ago [-]
Not your keys, not your coins.
wmf 2 hours ago [-]
I think this is a case of "your keys, not your coins".
sunshine-o 3 hours ago [-]
I believe the Achilles' heel of Web3 is really that is was built on Web1&2.
Whatever opinion you might have about this industry, the core work is done by the Bitcoin and Ethereum teams and it is pretty admirable. They have been progressing for 10 years in a system where any mistake can collapse the entire system.
But ultimately those wallets and Web3 apps are built with web technologies and run in a browser and this is just not made for this.
This hack was targeting seed phases or private key because the keys have to be stored in the browser extension. How insane is that? But there isn't really any other ways to do it within the framework of a web browser.
Ultimately if the extension or web app is compromised an hardware wallet cannot really ultimately protect you (at least you would only be compromised when interacting with it).
Ethereum also now built in the secp256r1 signature checker so passkey/yubikey can be used but, same problem the "web" is the weak link.
Bottom line if they want that thing to succeed they will have to create a way to interact with smart contracts outside of the web browser. Maybe it will take building a simpler "dapp browser". Their apps are pretty basic in the end, a TUI would be enough to swap a token and approve a transaction...
charlie0 2 hours ago [-]
It's not true that seed phrases have to be connected to the web browser though. Take a look at Trezor. There is a web plugin but the keys never leave the hardware wallet. The issue is users prefer the convenience of not needing to use a HW wallet for the transaction signing, which leads to a plce where keys are stored in digital space and can be stolen.
wmf 2 hours ago [-]
There are plenty of native app wallets.
Uptrenda 2 hours ago [-]
But it has trust in the name. How can it be hacked?
1 hours ago [-]
gigatexal 4 hours ago [-]
[flagged]
Rendered at 01:14:02 GMT+0000 (Coordinated Universal Time) with Vercel.
Having a government-insured bank deposit means that I've never had to think about this in my lifetime. It's a problem that I don't need.
I think "in my lifetime" is the key here. Probably banks weren't as foolproof initially as they are today, and was a bit wild west too in the beginning.
With that said, I do think cryptocurrencies are still in a "exploring" phase and it's been way oversold on what it could help solve, especially by people who are looking to make a quick buck. Which is a shame, because the technology itself does have useful applications.
People who do not understand that trade-off have no business buying crypto.
Really? Most crypto is not anonymous, it is at best pseudonymous. If a big enough government agency wants your crypto, they will get it.
Government-insured bank deposits are mostly BS, the fine prints say they have about 10 years to reimburse you and in case of a systemic failure good luck.
In case the bank app, their "system" or your computer is compromised most banks will not reimburse you. It is very easy for them to say you were ultimately responsible for the hack. Very few banks have the policy of taking the loss and it is hard to know which one still do that unless you know someone in their fraud department.
From what I understand, government insurance goes more towards bank failure, not fraud.
I think of them as primarily an ideological technology, designed to establish the primacy of free market capitalism over any sovereign law.
I think that is why people still hold onto them, despite nothing but scams coming out of them so far.
As somebody who doesn't think unrestrained free markets are a good idea, it feels like the capitalist monkey paw: Finally, there's completely unrestrained uncensorable money. Unfortunately, the result of that is what every advocate of regulation would've told you: Nothing but scams.
Ironically, the phrase capitalists use to describe why socialism can't work - "doesn't account for human nature" - has been proven to apply to their preferred ideology.
They got what they wanted and turns out it sucks. The technology that was supposed to establish the primacy of their world view ended up disproving it instead, plunging them into ideological crisis.
They have no choice but to double down despite ever more evidence of free market failure. There's a certain ideological cost sunk fallacy going on - to admit error and change ones ideological framework completely would be too painful, so they keep waiting for redemption.
Just my grain of salt as a socialist.
100% sure about this? How?
Whatever opinion you might have about this industry, the core work is done by the Bitcoin and Ethereum teams and it is pretty admirable. They have been progressing for 10 years in a system where any mistake can collapse the entire system.
But ultimately those wallets and Web3 apps are built with web technologies and run in a browser and this is just not made for this.
This hack was targeting seed phases or private key because the keys have to be stored in the browser extension. How insane is that? But there isn't really any other ways to do it within the framework of a web browser.
Ultimately if the extension or web app is compromised an hardware wallet cannot really ultimately protect you (at least you would only be compromised when interacting with it).
Ethereum also now built in the secp256r1 signature checker so passkey/yubikey can be used but, same problem the "web" is the weak link.
Bottom line if they want that thing to succeed they will have to create a way to interact with smart contracts outside of the web browser. Maybe it will take building a simpler "dapp browser". Their apps are pretty basic in the end, a TUI would be enough to swap a token and approve a transaction...