Investing

Can a Crypto Person Explain how "Coins" are accidentally moved to a cold wallet?

  • Last Updated:
  • May 13th, 2019 7:45 pm
[OP]
Deal Addict
Mar 10, 2010
1136 posts
234 upvotes

Can a Crypto Person Explain how "Coins" are accidentally moved to a cold wallet?

I'm sure we've all been sort of following the QuadrigaCX fiasco. And I'm not a person who has anything to do with cryptocurrency other than watching from the sidelines. It was recently reported that the company accidentally moved ~$400 000 into a "cold wallet" or off-line storage. My question for anybody who is into Bitcoin or the like is how you can accidentally do this? My understanding is that most "cold wallets" are removable devices like USB keys or external hard-drives (or an off-line computer). How can you accidentally transfer to one of these devices, doesn't it require a physical connection in order to move the "coins" from the servers to the "cold wallets"?

Is my understanding of this process flawed?
32 replies
Deal Expert
Mar 25, 2005
21297 posts
2126 upvotes
Clacker wrote:
Feb 15th, 2019 9:46 pm
I'm sure we've all been sort of following the QuadrigaCX fiasco. And I'm not a person who has anything to do with cryptocurrency other than watching from the sidelines. It was recently reported that the company accidentally moved ~$400 000 into a "cold wallet" or off-line storage. My question for anybody who is into Bitcoin or the like is how you can accidentally do this? My understanding is that most "cold wallets" are removable devices like USB keys or external hard-drives (or an off-line computer). How can you accidentally transfer to one of these devices, doesn't it require a physical connection in order to move the "coins" from the servers to the "cold wallets"?

Is my understanding of this process flawed?
Transferring TO a cold wallet only requires the address plus whatever verification the sending wallet requiers. I imagine QX had a list of accounts to send to, enter some OTP and off it goes.
[OP]
Deal Addict
Mar 10, 2010
1136 posts
234 upvotes
Kasakato wrote:
Feb 16th, 2019 11:25 am
Transferring TO a cold wallet only requires the address plus whatever verification the sending wallet requiers. I imagine QX had a list of accounts to send to, enter some OTP and off it goes.
So even if a device acting as a "cold wallet" doesn't exist anymore (say it's been destroyed) you could still "send" funds to this destroyed wallet? There's no mechanism to check if the cold wallet still exists?
Deal Fanatic
User avatar
Dec 14, 2010
5467 posts
5621 upvotes
Clacker wrote:
Feb 16th, 2019 3:39 pm
So even if a device acting as a "cold wallet" doesn't exist anymore (say it's been destroyed) you could still "send" funds to this destroyed wallet? There's no mechanism to check if the cold wallet still exists?
Correct. Millions of dollars have been lost in crypto, because people sent to wrong addresses. In the crypto world, because you are the bank, you are the sole responsible party for any transaction.

On Quadrigacx case, my belief is that no cold wallet was destroyed or lost. There are now so much evidence of wrongdoing that this is simply another empty disclosure to buy time to move estate away from creditors.


Rod
Build a comprehensive portfolio based on Investing and Trading strategies. Check out these threads and join the discussion:

Investing strategy based on dividend growth

Trading strategy based on Graham principles.
[OP]
Deal Addict
Mar 10, 2010
1136 posts
234 upvotes
What type of asinine system doesn't confirm that funds can go from point A to point B and simply evaporates the funds if B doesn't exists? That's mind boggling.

I do agree that the whole affair appears to be a scam.
[OP]
Deal Addict
Mar 10, 2010
1136 posts
234 upvotes
Clacker wrote:
Feb 16th, 2019 5:30 pm
What type of asinine system doesn't confirm that funds can go from point A to point B and simply evaporates the funds if B doesn't exists? That's mind boggling. Thanks for explaining that as I didn't even fathom a system would be built with such an obvious weakness.

I do agree that the whole affair appears to be a scam.
Sr. Member
Apr 14, 2017
894 posts
411 upvotes
DT Calgary
Just another reason why concurrency will never see the highs of 2017 ever again.
Deal Fanatic
User avatar
Dec 14, 2010
5467 posts
5621 upvotes
Clacker wrote:
Feb 16th, 2019 5:30 pm
What type of asinine system doesn't confirm that funds can go from point A to point B and simply evaporates the funds if B doesn't exists? That's mind boggling.

I do agree that the whole affair appears to be a scam.
A clarification is needed here. Was your question related to a valid, but incorrect address? Or was it related to an invalid address (wrong syntax) only?

If you send to an invalid address (like MyAddress), then the transaction won't go through because it doesn't comply with the Bitcoin protocol rules for constructing an address, including a checksum to prevent typos. So it checks that what you are trying to do is doable is won't proceed if it can't.

But if you send it to a valid, but incorrect address, that's the sender's fault for not enter the right address. The system has no way to know that when you sent to Joe's legit address that you never meant to send there, if Joe's address was correct. In that case, funds will be lost forever (unless Joe sends it back) because in crypto (by design) there are no mechanism to freeze / reclaim funds. That's why the government (or any 3rd party) can't shutdown / freeze it / reclaim back. You can send funds to an unclaimed / unowned address, if that address is valid. The system doesn't care (and it shouldn't) if the address is owned by someone and if the sender / recipient name and home address matches - you got SWIFT transactions for that already. Crypto is peer to peer transfer, with no intermediate parties, so no bank or government to check beyond sending to an actual valid address. Also by design is the impossibility (today) to find a private key to match a given address (to steal these funds), given that there are 16 ^ 64 possible private key combinations. Bitcoin protocol is 10 years old and was never hacked (the protocol, not talking about exchanges).

A system that was never hacked and always had 100% uptime, and which allows to transfer millions of dollars from anywhere to anywhere in a few hours doesn't sound asinine to me.


Rod
Build a comprehensive portfolio based on Investing and Trading strategies. Check out these threads and join the discussion:

Investing strategy based on dividend growth

Trading strategy based on Graham principles.
Deal Fanatic
User avatar
Dec 14, 2010
5467 posts
5621 upvotes
FreshCo wrote:
Feb 16th, 2019 6:55 pm
Just another reason why concurrency will never see the highs of 2017 ever again.
Too early to say that, this space is too new for mainstream. So I wouldn't make any statements saying "never" or "guaranteed". Nobody knows. At this point, it's just speculative, it could go either way.

Speaking of BTC, which is the most mature coin: Every single year, since it was created 10 years ago it makes a new higher low, with the exception of 1 year (2015). So as long as it keeps making a new higher low, I think there's potential for higher highs too, which keeps repeating from time to time. Meanwhile, it's a great vehicle for short term trading. Other coins have great prospect and different utilities. Time will tell how they scale and how secure they are. Most coins that died out either were not safe or couldn't scale.


Rod
Build a comprehensive portfolio based on Investing and Trading strategies. Check out these threads and join the discussion:

Investing strategy based on dividend growth

Trading strategy based on Graham principles.
Deal Addict
Oct 21, 2014
1222 posts
1377 upvotes
Burlington, ON
rodbarc wrote:
Feb 17th, 2019 9:00 am
A system that was never hacked and always had 100% uptime, and which allows to transfer millions of dollars from anywhere to anywhere in a few hours doesn't sound asinine to me.
I think what he means is that a system of payment that can't be reversed or traced has a pretty large flaw. I can think of at least three times in my life where my bank has made a large error which had to be reversed, and at least once where I did the same and transaction had to be reversed. Now more than $400,000 was "lost" from Quadriga because of a simple mistake, which comes out of the settlement that the creditors will get from the bankruptcy, not the person who made the mistake.

I don't know man, the absence of tracability and reversibility makes cryptos a total no go for me, and if nothing else comes from the Quadriga debacle I hope it is this lesson. If it can't be traced, it can't be invested in. You are going to get robbed.

I'm sticking with dividend stocks.
Member
Jun 13, 2009
424 posts
156 upvotes
Toronto
Gungnir wrote:
Feb 17th, 2019 2:21 pm
If it can't be traced, it can't be invested in. You are going to get robbed.

I'm sticking with dividend stocks.
+1
Deal Fanatic
User avatar
Dec 14, 2010
5467 posts
5621 upvotes
Gungnir wrote:
Feb 17th, 2019 2:21 pm
I think what he means is that a system of payment that can't be reversed or traced has a pretty large flaw. I can think of at least three times in my life where my bank has made a large error which had to be reversed, and at least once where I did the same and transaction had to be reversed. Now more than $400,000 was "lost" from Quadriga because of a simple mistake, which comes out of the settlement that the creditors will get from the bankruptcy, not the person who made the mistake.

I don't know man, the absence of tracability and reversibility makes cryptos a total no go for me, and if nothing else comes from the Quadriga debacle I hope it is this lesson. If it can't be traced, it can't be invested in. You are going to get robbed.

I'm sticking with dividend stocks.
I hear you, and that's the disadvantage of descentralization. It can be tracked, but nothing can be done about recovery because there are no central agency controlling or demanding that. The issue here is that today one still need a centralized exchange (on this case, this was a fraudulent one which leaves little protection). The issue experienced with Quadrigacx (or Mt. Gox) would never happen if one is transacting directly on the blockchain via a Descentralized exchange from end to end, like bisq (which will never be mainstream with current low fiat limits, and these low limits will probably always be in place given the lack of verification moving fiat - no bank would be involved moving large sums without verification).

Hence today I mostly use to trade - different asset class with its own drawbacks. Not comparable with dividend stocks, which are much safer.


Rod
Build a comprehensive portfolio based on Investing and Trading strategies. Check out these threads and join the discussion:

Investing strategy based on dividend growth

Trading strategy based on Graham principles.
Sr. Member
Nov 9, 2017
577 posts
56 upvotes
Clacker wrote:
Feb 15th, 2019 9:46 pm
I'm sure we've all been sort of following the QuadrigaCX fiasco. And I'm not a person who has anything to do with cryptocurrency other than watching from the sidelines. It was recently reported that the company accidentally moved ~$400 000 into a "cold wallet" or off-line storage. My question for anybody who is into Bitcoin or the like is how you can accidentally do this? My understanding is that most "cold wallets" are removable devices like USB keys or external hard-drives (or an off-line computer). How can you accidentally transfer to one of these devices, doesn't it require a physical connection in order to move the "coins" from the servers to the "cold wallets"?

Is my understanding of this process flawed?
QuadrigaCX probably had a cron job on their portal (built in house) that did certain things at certain times and sending money to cold wallet address was one of them when a certain condition (time, amount of money, etc...) was met.
OR
An employee with or without bad intentions mistakenly or intentionally sent them to cold wallet.

You can send to any address and device doesn't have to be connected.
[OP]
Deal Addict
Mar 10, 2010
1136 posts
234 upvotes
Gungnir wrote:
Feb 17th, 2019 2:21 pm
I think what he means is that a system of payment that can't be reversed or traced has a pretty large flaw. I can think of at least three times in my life where my bank has made a large error which had to be reversed, and at least once where I did the same and transaction had to be reversed. Now more than $400,000 was "lost" from Quadriga because of a simple mistake, which comes out of the settlement that the creditors will get from the bankruptcy, not the person who made the mistake.

I don't know man, the absence of tracability and reversibility makes cryptos a total no go for me, and if nothing else comes from the Quadriga debacle I hope it is this lesson. If it can't be traced, it can't be invested in. You are going to get robbed.
This is what I meant. I don't know much about the system, which is why I was asking questions.

So is this understanding more correct then: When "coins" are transferred nothing is actually sent from A to B. To transfer you are merely assigning a new encryption key which needed to be pre-made. So if a cold wallet was set up, then it would have a valid key whether the wallet still exists or not.

I'm sticking with dividend stocks.

Top