How "dumb mistakes" can lead to costly bitcoin losses

It's great that bitcoin gives you the power to "be your own bank", with almost zero fees and full control over your finances. But even banks discover sometimes such power can backfire. Nothing can stop human error, technical glitches, human nature or a combination of all three from wreaking havoc on the balance sheet.

But bitcoin is also like a pocketful of cash. Like that time you shelled out $100 instead of $10, or two bills instead of one, a simple concentration lapse can see exponentially more bitcoin leave your wallet than you'd intended, never to be seen again.

The difference between bitcoin and cash, though, is that much larger amounts may be at stake. Cash transactions tend to be smaller, while (reputedly safer) credit cards and bank transfers handle larger ones. Bitcoin allows you not only to transfer a million dollars in a heartbeat, it gives you a chance to send it to the wrong place. Or nowhere at all.

Reddit has a thread on "The dumbest mistake you've made with bitcoin", full of stories about people who mined hundreds or more BTC in the early days only to trash the file or blow their potential fortune on frivolous purchases. SatoshiDice also plays a large role in causing regret, as do payments for still-unshipped mining hardware made when 1 BTC was $5.

Then there are all the usual caveats surrounding online wallets and escrow systems, and the level of trust you should place in them.

Coders, NASA scientists and traders understand the brutality typographical errors can unleash on a project. Bitcoin is equally unforgiving with its mostly anonymous, non-reversible transactions and decentralized structure. If teams sending rockets to Mars can slip up, what hope is there for the average bitcoin software developer or spender?

To your horror, you realize you forgot to toggle from BTC to mBTC before you sent the amount; fat-fingered an extra zero; or copy-pasted a completely different address string to the one you wanted. Perhaps someone just sent you a large payment directly to an address you no longer control or a paper wallet you misplaced somehow. Or you released software that pays out a 10 BTC transaction fee for each payment processed.

Power users and developers create their own raw transactions in bitcoin's Script language to create more esoteric transactions allowed by the protocol but not featured in most software wallets, such as escrow payments. This involves manually typing all transaction details into a command line, and all the associated risks.

Some solutions are appearing, like wallet software Electrum's raw transaction graphic front-end and brainwallet.org's web-based transaction builder. The latter assumes you trust an online service more than your ability to type error-free Script, and with both you'll still need to enter keys and transaction fees with care.

Manually assigning transaction fees also produces the occasional but inevitable expensive BTC blunder for software developers and a few others, as it did with this unfortunate account. Once confirmed, the transaction fee is distributed to multiple unknown miners who will never be able to provide a personal thank you for the generosity.

There's no customer support line to reach for. Sometimes, the most effective course of action is to broadcast news of the mistake as wide as possible on online forums and new aggregators, in the hope someone benevolent will come to your aid.

That's what happened in the case above, where a fellow reader contacted powerful mining pool BTC Guild. BTC Guild tracked and reimbursed a portion of the mistake, but 75% of the originator's total was shared out and 'lost' to the network.

The Bitcoin Talk forum and reddit are filled with stories of woe. An unknown but unlucky user sent out over 100 BTC in transaction fees over a 24-hour period in September.

The large spikes visible on this blockchain.info transaction fee chart likely resulted from human error. It should be noted that, as well as community sympathy, there is also a suspicion some large erroneous-looking transactions could be coinwashing (aka money-laundering) efforts in disguise.

Mike Hearn, developer at the Bitcoin Foundation, says most loss-causing errors are the result of users not backing up locally-stored wallet files at the right time, and by misusing paper wallets. The excess fee issue, he says, is only a problem for software developers.

"Right now the times when you need to make fresh backups aren't always obvious. I'm hoping that wallet authors will get better at pushing users to make backups as well – the Android app already does push users in the right direction, but I'd rather like to see automatic backups be made by default. Basically I think we can push users in the right direction much more strongly than is presently done," he said.

[post-quote]

"Misusing paper wallets is related to that. Not all wallet software is designed to support paper wallets. People who don't understand this have managed to delete money before, by importing a private key that was exported, making a partial payment, then destroying the wallet – not realizing that the change didn't go back to the same key they imported."

Many users may not be aware of the need for frequent wallet file backups. At present, wallets create private and public keys on demand, meaning regular backups are necessary to prevent loss. There is also the problem of maintaining multiple wallets on several devices.

The solution to this, due for future implementation, is 'hierarchical deterministic' (HD) wallets. This kind of wallet generates all keys from a single seed, meaning it can be backed up to hard copy just once and then retained. HD wallets also allow multiple devices to host the same wallet, staying in sync with each other.

As mentioned here previously, the bitcoin development team also hopes to add human-memorable address aliases and a messaging function to transactions. Messaging would allow users to include a refund address with transactions to make it easier for recipients to send them.

ASICminer

CEO 'friedcat' was lauded in September 2013 for returning 200 BTC mistakenly sent to the company. He said the only thought to cross his mind was to refund the amount, as it shouldn't belong to anyone else. He also believes bitcoin software could do more to save users from themselves.

"We shouldn't rely on voluntary refunds, especially in this irreversible transaction based currency. The software should give warnings and options to cancel the transaction before sending it to the network," he said.

As bitcoin grows far beyond the boundaries of its online communities, there's every chance recipients of mistaken largesse won't feel the need to reimburse as friedcat did. Sympathy towards the careless will drop. The sheer volume of future errors will make them less likely to be corrected, even in part.

Before computers had graphical user interfaces that popped up to warn you every time you clicked something meaningful, command lines would follow every mistyped directive without even a beep, even if it meant erasing vital system directories.

For now, bitcoin can be like those command lines and the best protection against your own bank becoming your own financial crisis is you.

Keep all your paper wallets in a safe place and backup your local wallet file regularly. Double check the recipient address and if the amount is enough to make you cry if lost, check it again. Check to make sure an insignificant amount doesn't become significant while you're distracted.

It's probably a good idea not to drink before playing SatoshiDice, too.