2

I've seen several responses from actives saying once a keystore is lost, all is lost.

This is absolutely unacceptable. Having to find

C\USERS\\APPDATA\ROAMING\ETHEREUM\KEYSTORE

or wherever it is, by having to Google a post explaining the process, is totally unacceptable.
The engineers behind this left mistake for a reason, knowing full well a Windows crash or drive failure, or that the average, non-expert with Ethereum, would eventually make this mistake and lost all their Ether in the process.

It's out there somewhere, locked up, but my guess is, someone on the inside of ethereum.org knows how to retrieve it.

A back door key to the vault, so to speak.

I want to know, specifically, who came up with this idea and why it has not been corrected. And secondly, where the lost Ether is.

Or who's since stolen it.

hairboat
  • 101
  • 2
Richard Bell
  • 21
  • 1
  • I see there is a close vote on this question with the reason provided as this question is off topic; I think the second question is quote on topic: what happens to ether after you lose the key (and is there a secret Ethereum backdoor)? – lungj Aug 15 '17 at 02:34

2 Answers2

3

I've seen several responses from actives saying once a keystore is lost, all is lost.

Correct.

The engineers behind this left mistake for a reason, knowing full well a Windows crash or drive failure, or that the average, non-expert with Ethereum, would eventually make this mistake and lost all their Ether in the process.

In my opinion, Ethereum, and cryptocurrencies in general, are still not for the non-expert. Without wanting to sound condescending, they're based on difficult stuff, and require the user to be rather more than computer literate.

The terms and conditions for the original Ethereum Crowdsale stated the following (in caps):

"WARNING: DO NOT PURCHASE ETH IF YOU ARE NOT AN EXPERT IN DEALING WITH CRYPTOGRAPHIC TOKENS AND BLOCKCHAIN-BASED SOFTWARE SYSTEMS"

At some point the infrastructure will presumably become more user-friendly, but I don't think we're there yet.

Back to the back-ups...

Backing-up to another on-disk location is not the best way to store currency.

See: What is the recommended way to safely store Ether?

By creating automatic back-ups you increase the attack surface. By copying the keystore files to a second location on your computer, you create another place they can be found. If it's on the same drive, then you've done nothing to negate drive crashes.

What happens if you forget automatic back-ups are turned on? Or you switch them off that one time for some reason and then forget to turn them back on again? What happens if the back-up location no longer exists? What happens when you change the back-up location, perhaps multiple times, and you end up with keystore files scattered all over the shop? etc., etc.

Backing up automatically would make users dumb. It would mean they no longer had to think critically about how they were storing their currency. It would lull them into a false sense of security.

It's out there somewhere, locked up...

Even if you lose the keys to your account, you can still check the ether exists using the account's address and any bog-standard chain explorer. You'll be able to see it - and see that no one else has moved/taken it - you just won't be able access it.

...but my guess is, someone on the inside of ethereum.org knows how to retrieve it.

All the code is open-source. If there was a backdoor then people - people with lots of money invested - would have probably found it by now.

And secondly, where the lost Ether is.

As above - it's exactly where those people left it.

Richard Horrocks
  • 37,835
  • 13
  • 87
  • 144
  • Thanks, but I disagree on the "idiots shouldn't try Ethereum" argument. This was designed to become critical mass, and automatic backups ARE a good idea, and not in the Windows AppData directory where Microsoft will basically find a way to screw it up, and everyone, over. – Richard Bell Aug 14 '17 at 20:37
  • 1
    Ok now instead of explaining why, explain the how, because that is, obviously, the point of my stupid question, since I'm too stupid to figure out how to recover three months of mining Ether myself... – Richard Bell Aug 14 '17 at 20:38
  • 1
    @RichardBell No, automatic backups are a terrible idea. To keep your funds safe, the keys must only be precisely where you choose to put them. The more things you have to keep safe to keep your funds safe, the harder it is to keep them safe. You must choose precisely where your keys are to be kept and they must only be kept precisely where you know they are. Otherwise, your funds can be irretrievably compromised. – David Schwartz Aug 14 '17 at 21:06
  • Perhaps a middle ground like some other wallets that prompt users to back up their keys should be taken given the poor data practices of most people. I guess I could file a ticket or submit a patch (unless geth already does this; I don't use it). – lungj Aug 14 '17 at 22:30
  • I figured out how to recover the lost UTC key. But I'm not going to post how because I'm too stupid to explain it. – Richard Bell Aug 15 '17 at 00:10
  • I have two cloud backups running backing up everything automatically. It must not be a bad idea. – Richard Bell Aug 15 '17 at 00:11
  • @RichardBell I'm glad you recovered your keys! – lungj Aug 15 '17 at 02:28
1

The crypto behind Ethereum is well-used and can be audited (implementation and the protocol itself). Unlike the Dual_EC_DRBG algorithm, which might have a backdoor, from what I can tell, magic numbers in Ethereum are too clean to have been likely to be created maliciously (e.g., hitchhiker's guide to the galaxy joke in the genesis block or 0) or are employed in algorithms for which any backdoors embedded in the source code would enable anyone who is looking at the source to also be able to exploit the back door.

Imagine you have an extremely hard to pick bank vault (mathematically-speaking) and a magic button you can press to create a key. But now you throw away the button and the key to the vault. It isn't (yet?) provable that no one can reconstruct the magic button or a key, but no one has done it, yet. Thus, as far as we can tell, no one has access to the vault's contents anymore. Of course, if you're running your regular backup software (which you are, right?) and testing your backups, in the event of a disk crash, you're protected from key loss.

geth hasn't really promoted itself as an easy-to-use system. We're still in the Homestead phase. The next phase, Metropolis, "will be reached as soon as an official interface is released for technically inexperienced users." (ibid.) FWIW, other implementations of Ethereum like Parity and Jaxx include backup mechanisms. Note that your complaint is about geth and not about Ethereum (which doesn't define anything about key storage or user interfaces).

If you're worried about backdoors, maybe also time to avoid Windows.

Cribbing from, and extending, @RichardHorrocks' answer, if there were a backdoor, the backdoor could be exploited even if the keys for an account haven't been lost. There's no way to know if keys are lost or just not being used. If in doubt, one can always check the public blockchain for accounts you control to see if transactions from your account have been authorized without your say-so. One must be wary of things like unprotected computers and alternate attacks for gaining your keys (rather than assuming a backdoor), however. And, of course, you shouldn't take the word of people on the Internet claiming their ether has evaporated since you don't know whether they were lax with security and got hacked, took proper precautions (and were hacked, anyway), spreading FUD, or there is actually a backdoor. That's one of the benefits and drawbacks of using trustless software: you don't need to trust anyone, but you need to be able to trust your own ability to make decisions. Думайте сами, решайте сами Иметь или не иметь ETH.

lungj
  • 6,680
  • 2
  • 17
  • 45