How Can Binance Recover the Lost 7,000 Bitcoins?

The more than 7,000 BTC stolen from Binance has sparked a lot of discussion, among which the most serious discussion is the rollback of transactions and reorganization of blocks mentioned by Zhao Changpeng in the live broadcast.
After many industry leaders commented on this move, the reorganization of blocks to recover the lost 7,000 bitcoins became the focus of discussion. Among them, Pan Zhibiao, founder of CoinIn Mining Pool, and Jiang Zhuoer, founder of Litecoin Mining Pool, both explained the matter.
Pan Zhibiao:
1. Double-spending transactions through reorganization (reorg) is theoretically feasible. Technically speaking, the impact of reorganization is much smaller than that caused by soft fork (hard fork).
2. Feasibility: More than half. CZ contacted a certain land to gather computing power. The computing power of the direct line plus the computing power that can be directly obtained is estimated to be about 26E, slightly more than half of the entire network. Considering that there are extra rewards for participating in the mining pool, it is possible to attract the middle-of-the-road mining pool miners to join, and eventually more than half of the computing power of the entire network can be stably obtained. It is easier to tempt miners than mining pools.
3. Assuming that 65% of the computing power participates in the reorganization action when the stolen transaction has 30 confirmations, it will take 16 hours and 40 minutes to reach the same height.
4. Once the height wins, the computing power of the entire network will converge into one chain, and it seems that nothing has happened. Of course, the mining pools that do not participate will suffer great losses.
4. In nearly 17 hours, people will most likely discover this action because the block production speed of the entire network is too slow, and many monitoring systems will detect the fork.
5. Possible action: UASF. Before the reorganization is successful, someone will release a full node patch that can forcibly recognize the block hash value of the stolen transaction, making it impossible for the reorganized chain to rewrite the existing data even if it wins.
6. The Bitcoin network hard forked because of disagreements on the block hash of the stolen transaction.
7. After the hard fork, the prices of the two chains are determined by the market. CZ can get back the 7k coins on the reorganized chain, but he cannot get back the chain that refuses to reorganize.
8. If the reorganization is successful, there will be no fundamental change to Bitcoin, except that large transactions with a small number of confirmations will no longer be safe. In the future, when sending or receiving 7K coins, wait at least one day for the number of confirmations.
Jiang Zhuoer:
1. Zhao Changpeng’s claim that he might rollback BTC transactions to recover the 7,000 BTC lost by Binance has caused great controversy.
2. This rollback is technically feasible: as long as there is more than 51% computing power, a new fork will be mined before the stolen coin transaction block, and only the stolen transaction (and subsequent transactions) will be removed, and other transactions on the original chain will be packaged normally. Then, after the length of the new fork exceeds the original stolen chain, block reorganization (reorg) will occur.
Reorganization can be simply understood as: the new fork covers the original stolen chain, and the effect is: without affecting other transactions, the stolen transaction is rolled back alone. This rollback was strongly opposed by community members (I also opposed it) because it changed the most important feature of Bitcoin: immutability.
3. This rollback was fiercely opposed by community members (I also opposed it) because it changed the most important feature of Bitcoin: immutability. But some people began to consider further:
@潘志彪kevin:
1. What if the person who lost the coins is a government or even an agency like the FBI? What would happen if the agency asked all mining pools, whether companies or individuals, to reorganize their computing power?
2. What if the person who stole the coins is a world-renowned terrorist organization? What if they used the 7K coins to buy nuclear bombs?
Pan Zhibiao’s answer is: run the full node, and then actively apply the full node patch (UASF) before the reorganization occurs. This patch can forcibly recognize the stolen transactions, so that even if the reorganized chain wins, it will not be able to rewrite the existing data.
4. Pan Zhibiao’s answer does not work. His approach cannot prevent BTC transactions from being modified. It only proactively patches the blockchain and forks out a forked chain where transactions are not modified.
If the government legally requires mining pools (mostly operated by companies) to roll back a stolen coin transaction, then the mining pools can only do so. Rolling back this transaction will not have much direct impact in the short term, and it can be expected that the branch after the rollback will still occupy most of the market value, users, and resources.
According to Pan Zhibiao's process, only a few people (who have the ability to notice the incident in a short period of time and patch the full node) retained an unmodified chain, which may eventually form a dual chain like ETH (rolled back the DAO theft) & ETC (retained the DAO theft).
5. So, if you think that Bitcoin's "immutability" is very important, what should be done? It's very simple, just don't allow deep reorgs. In the history of Bitcoin, except for BUGs, there has never been a reorg of more than 6 blocks, and users generally believe that 6 confirmations are safe, so you can directly write in the code: do not accept reorgs of more than 10 blocks.
6. Does it look familiar? Yes, this is the protection rule (rolling checkpoint) that BCH added during the hash war with BSV. If the theft happened on BCH, there would be no such dispute at all, because once BCH has more than 10 confirmations, it cannot be rolled back - note that it is absolutely, even if you have 100 times more hash power to dig forks, it is useless, the code does not accept reorganizations of more than 10 blocks. Isn't this the "immutability" that BTC (Core) supporters like Pan Zhibiao dream of but cannot get?
7. Has a normal 6-block rollback ever happened in history? There has hardly been even a 3-block rollback. (Except for the 6-block rollback of BSV) A 6-block rollback is an attack. Why should an attack be allowed to happen?
Let us trace the origin and explain what kind of event this was.
First of all, we need to know the relationship between exchanges and the Bitcoin network. After an exchange is connected to the Bitcoin network, the exchange has a Bitcoin network address. Under this Bitcoin network address, many user accounts are established. All transactions and transfers between users have nothing to do with the Bitcoin network, and the total amount in the Bitcoin address owned by the exchange remains unchanged.
This time, the stolen bitcoins from Binance have been transferred out of the exchange address, and the transactions have been recorded in the blocks. The stolen amount is about 300 million yuan.
If you want to reorganize this block, what process do you have to go through?
We all know that blockchain is a chain structure, and it is also chain-propagated when broadcasting, forming an infinitely extended chain among many nodes. All nodes on this chain are full nodes in the Bitcoin network, that is, nodes that have the entire ledger.
In the full ledger nodes, the transaction information in this block is broadcasted from the node that successfully mined, and synchronized to all full nodes. When the stolen 7,000 BTC were transferred out, they were recorded in the block 575013, which contained a total of 48 transactions.
If the block is reorganized, as Jiang Zhuoer said, after the 575012 block is mined, the next node that produces the next block will start broadcasting the new 575013 transaction data. The transactions in this block will remove the transaction hash transferred by the hacker. However, the chain broadcast has been producing blocks since the 575013 block. Calculated at one block every ten minutes, the accumulated blocks have exceeded more than 280.
If the reorganized data is to be recorded in the entire ledger, it is necessary to form a chain starting from the broadcast node 575013 that exceeds the original verification node. This is the method of double-spending attack. The chain formed by the original miners through mining, verification, and broadcasting, as well as the mined blocks, will be invalidated or form another forked chain.
If the original chain and blocks are invalidated, then as Pan Zhibiao said, miners who do not participate in the reorganization will suffer greater losses. This is because miners of the reorganized chain and blocks have re-mined blocks and rewards, while if there is no fork, the original mined chain and blocks have been covered by the reorganized chain and have no value.
This also involves the issue of mobilizing miners, or the issue of calling on computing power. The entire Bitcoin network's computing power will calculate random numbers without division, and the output of these calculations is the full node, which may be an independent miner or a mining pool.
If the reorganization begins, Binance needs to mobilize at least 51% of the computing power resources, which will definitely be related to mining pools and mining farms. In Pan Zhibiao's analysis, it is mentioned that it is possible to find more than half of the computing power resources with Binance's strength and financial resources.
However, the key factors mentioned are the block rewards and the centrist miners. When reorganizing blocks and chains, computing power will inevitably be consumed, and in theory, all of this will be borne by Binance. The profit-seeking nature of miners is likely to lead to some miners being willing to switch computing power to the reorganized chain to gain benefits. Miners who have a deeper belief in the immutability of Bitcoin consensus are very likely to remain unmoved, and instead begin to protect the mined blocks and formed chains in order to maintain Bitcoin consensus, making the reorganization unsuccessful.
The inevitable result of this situation is a hard fork, where the opposing miners form an old chain with stolen information and a new chain without stolen information, which is what Jiang Zhuoer said was the DAO event that formed ETH and forked out ETH and ETC.
After analyzing this, the feeling about whether to reorganize this time is that it all depends on Binance's judgment on the value of 7,000 BTC. Is the loss of about 300 million RMB important enough for Binance? This will determine whether to use a fork to recover the lost BTC, but Binance has decided not to reorganize at present.
As time goes by, the Bitcoin network is producing blocks, and the corresponding restructuring costs are getting higher and higher, and the possibility of the future is slowly decreasing. However, the impact of this incident on the Bitcoin community has brought up the consensus again, just like the BCH and BSV fork incident, which once caused a short-term reduction in computing power and heated discussions. The Bitcoin consensus cannot be challenged. (Golden Finance)