Neo: Add new transaction type "unspent" to allow burned coins to be retreived.

So how can we tell which addresses are bad addresses?

Coranos' title refers to "burned coins" while I think of them as "locked" or lost.

My Neo is sitting on the block chain. ...I can document how they got there.
Anyone can view them. No one can access them.
Are they mine? Do they belong to the public domain?
Do we consider this a "bad address" as questioned above?
What are the rules for "reactivating" "locked" crypto?

The list of losses above, is very minor, when compared to this same concept across all crypto currencies.
A tool like this could save a lot of broken hearts, and disappointed users.

What does the Crypto community feel should or can be done, with unclaimed and unusable crypto on the block chain(s)? What can be done for the good of all?

If we keep asking the questions, the right ones will get answered.

It takes about 10 years for a concept to catch on and become popular.
(telephone, electricity, automobile, internet, email, facebook, and now crypto is 9 years old)

In the early 80s the personal computer became popular. In the early 90s the concept of "plug -n-play" came into use, sure made the computer user experience easier, and created widespread popularity.
Until we develop a concept like this in the crypto world, it is our job, as pioneers, to leave a smooth path for others to follow.

There is no need to determine if an address is "bad" or not, the question is not relevant, as I will illustrate below. It will sound very strange, I just hope you understand and agree with me.

Every contract transaction that has not been spent, and is not an "unspend" transaction can be acted on by "unspend".

So, for example, this transaction could be "unspent"
https://neotracker.io/tx/90551a4b7c941f105be2ecd186b79e640a06d475b834990edaeeb473756e1e0a
sending 35,000,000 back from AQVh2pG732YvtNaxEGkQUei3YA4cvo7d2i to AWHX6wX5mEJ4Vwg7uBcqESeq3NggtNFhzD.

How could AQVh2pG732YvtNaxEGkQUei3YA4cvo7d2i secure his NEO from an "unspend"?
Send all his neo to himself.

for example, this transaction cannot be "unspent":
https://neotracker.io/tx/31819bb88636869e94cd6e8f5125c738d60ded4ecd91aeaa03a1b9ae5c563ab0

AXSoNQEKjmqPBNPg5cNrHyWivfjok3Vj9D sent 11,198 NEO to themselves.

Even if you did "unspend" that transaction, the NEO would go from AXSoNQEKjmqPBNPg5cNrHyWivfjok3Vj9D to itself, and then be unavailable for another "unspend".

This is similar to the way the NANOS coin handles their block lattice (which is where I got the idea), they require two transactions, a "Send" and a "Receive". This would require everyone's wallets to automatically "spend" any new inputs, to prevent an "unspend". That's the tradeoff, you can have reversible transactions, but need people to log into their wallets to receive funds.

You could add a 90 day timeout period if you wanted to, in order to give ample time for people to check their balance.

It can be implemented as a smart contract very easily.

I'm aware that NEP tokens can be reversed. This is about NEO, which cannot be reversed.
In addition, ONT tokens were airdropped to these addresses.

Also, numero41, patience. This is the first time in the history of the world that we have a chance to do something like this. The chance to do something great. Don't let your passion overcome your reason. Emotion, yet peace.

Getting a reversible token, so the average person who is not technical can be safe from typos and random hardware faults.

As of right now, a single wrong keystroke can cost you .. everything. Or keep the private key in a file on your computer, which can also cost you everything if you get a virus.

Nobody in my extended family is going to use crypto as a method of payment if it's that brittle. They don't type that well. (This is true, when asked about crypto over the holidays, my advice was to stay out)

Thanks DL, I saw it earlier today.

Please keep the conversation to NEO, as this is the NEO github. There are many companies involved in this problem, but we can only fix it if we focus on each individually.

I don't want this incident closed because we kept getting off track, like the last one.

I have the same problem, basically a missing MEW wallet whilst using the nano ledger s, I correctly went into MEW through the nano, sent tokens amounting to roughly 2000 dollars and now the nano is not showing the address and I obviously have no access to the private key, I’ve received 1 email from nano support in a week and I’d very much like to retrieve my coins as they are quite a large portion of my portfolio. I’ve sought advice for this issue but had no luck retrieving them yet what’s our course of action dies anyone have any ideas how to get these tokens bank?

Good day,

I am Indeed one of the early victims of this issue and glad all attempts are being made to fix it. In August when Neo released the 0.03 wallet version and the announcement was made about how to earn gas, I transferred a total of about 319 NEOs to my wallet address. Before this I transferred 2 Neo to test it and earned gas for 2 days. The wallet froze at some point, I logged out and lo and behold I could not access the wallet again, till date it’s still inaccessible. That is roughly about $26K of today’s worth. As an early investor in NEO, this experience has been heartbroken till date. After several attempts contact COZ from August till c October that have not been any solution. I still see the Noe on neotracker and it’s still unspent, sitting there.

Apparently, when I tried to log back in, it had created another key. I have all the proof from the exchanges I transferred to and fro. Can this new feature help in any way please? I’m desperate to have my coins back.

@kryptob

Were you using the Ledger Nano to make those transactions?

About this new feature, Coranos knows much more about it than me as he implemented it, but I can surely say that it'll avoid this in the future, but won't reverse the previous "corrupted" transactions

Hi,

Thanks for your response, ledger Nano had not been released then. I was using the 0.03 version of the desktop wallet. It was after the issues that COZ released a quick update to the wallet but I’ve been unable to retrieve my coins till date. Infact the only access to the wallet was using private key. It was after we complained (it happened to a few of us back then) that an improvement was made to the wallet to include other routes e.g. passphrase , passwords of accessing it. It happened in August 2017, my coins are still there untouched so this is no scam or anything of such. I have all the proof of ownership as I moved them from exchanges and can provide any necessary information.

We all have all proofs and necessary informations you mention, but it won't help you in any way.

For now we never had any information that could let us hope for a way to gain access again to the wallets.
The only hope would be to find a kind of responsibility of some of the parts involved in the transactions.

This crypto world has no regulations yet, and for now not anyone (wallet developers, Ledger, exchanges, etc) can be taken as responsible for any loss if you can't prove that you didn't make a user error.

The only way for any of us to have any kind of help/hearing, is to be able to reproduce the "bug", so that the source of it can be identified.

Once it'll be identified, actions can be taken to find who's responsibility it is, and how to get leverage to have a compensation.

But once again, I would avoid kind of hope if I were you (I lost about the same amount as you did), which doesn't prevent you from continue to search, raise awareness, and seek for tech people that could give a try to find what happened in exchange for a compensation (like 20% of the funds)

For me it is only logical that for lost coins, they can burn those coins using smart contract and subsequently mint new ones as replacement to the address they were sent from or can be reclaimed by the legitimate owner if proofs are available. What are the specifics of the features Coranos is working on?

If your private key doesn't derive the correct public key anymore, you can't prove you're the owner, that was my point.

What kind of proof are you talking about? Transactions records from your exchange account history + blockchain explorer txids? That's not enough!

Let me give you an example :
You have a very good friend to who you want to send some coins, he gives you his wallet address, you make the transactions, and you have all of them recorded on the exchanges, and blockchain explorers.

Then you have an argument with this friend, and want your money back, but he wouldn't give it back.

In that case, you could still come here (or any kind of support), and claim you made some transactions from some exchanges to your wallet, but that unfortunately you lost access to it (like it happened to all of us).
There would be no way for anyone to know if you're saying the truth (that you were the initial owner of the wallet), unless you have the correct private key that derives the correct public one. And in that case, you wouldn't be here at all lol.

That's all the perversity of what happened to us...

Nobody is currently working on this feature request. They don't seem to care, regardless of how much proof there is.

I do not know how to get them to care, as I have tried all I could.

@numero The case you mentioned is an outlier. There’s some level of proof if one can confirm that your stuck coins emanated from an exchange account you own, that is often times near accurate that you owned the coins. The case you eluded to is exceptional.

@Coranos, is this feature possible technically at all? Where they burn the stuck coins and mint another in replacement for you as long as you can proof you own them. Since it’s open source, can any developer build this feature and have COZ commission it. If I’m not mistaken, the total value of lost coins/ stuck coins should be nearing $1m mark if not more.

The feature is technically possible. As said above, it's actually very easy to do as a smart contract.

However you would need to convince NEO to run the modified code on their consensus nodes, or there's no point. I do not think it is possible to convince NEO to run the modified code on their consensus nodes.

Their original whitepaper mentioned the feature (reversible transactions), but it is currently absent from the whitepaper and the code. I didn't save a copy of the whitepaper, and the link is dead, so I have no proof.

_"There’s some level of proof if one can confirm that your stuck coins emanated from an exchange account you own, that is often times near accurate that you owned the coins."_

I want as much as you to get my coins back!

Can you give me ONE example where someone "proved" its ownership to a wallet using this argument?
I wish there were... In that case we all have our proofs ready to go.

''Their original whitepaper mentioned the feature (reversible transactions), but it is currently absent from the whitepaper and the code. I didn't save a copy of the whitepaper, and the link is dead, so I have no proof.''

I kid you not. There were about a few of us affected, we saw the feature in the white paper as well. I think one of the guys saved it, it was on the Antshares, then on Neo when it was rebranded. After our complaints, they removed that section and replaced the whitepaper. They specifically stated that transactions as such could be reversed.

@numero41 i agree with you, proofing ownership from a wallet is hard, but if you can prove it on an exchange that is easy. The transaction IDs are recorded, the wallet address where it emanated from are also there and i'm sure support in exchanges will be able to help as well.

@kryptob

You know, that was the first thing I told myself, 4 months ago when it happened to me, that I had all the necessary informations and that no one could contest it, I have my exchanges accounts, which I am the only one to access for sure, the txids, everything that shows that I for sure did made the transactions this exact day, at this exact time, with those exact amounts, etc.

Then I was told almost immediately from everywhere (in answer to my first posts) that I wouldn't get anything looking in that direction, so I didn't event contacted the exchanges about that.

Anyway, as the transactions can't be reversed, the only way to get our money back is to find some part that has to be taken as responsible for the loss, and willing to give the same amount in compensation for a malfunction, right?
What exchange would help in any way in that direction?

On your side, did you make any try about it?

@coranos
Who in the Neo team would be most likely to help you implement your idea in this thread?
Who else in the community has shown any interest?

What additional venues would be good to pursue a campaign to push for this?

Imagine how the whole crypto community would be with this as a standard feature.

@erikzhang would be the only one I know who would be able to implement Unspend transactions.

Most times I mention reversible transactions, people are hostile to the idea. "Caveat Emptor" as they say.

We are looking for something between "Caveat Emptor" and "Plug and Play"

I do not understand the reason for hostility.

fix my oops; ...Seems like a reasonable feature.

Im sorry, but if it has been lost, is lost .... otherwise, it would break the main principle of a blockchain

Good point... ...re Block Chain

Not lost... ...Just unavailable (Can be seen by block chain viewer)

Just like natural resources on a new frontier. How do we mine that?

Imagine how much value is setting on all the various block chains.
Can the community come up with a form of reclaiming.

So whats the next step?
How can we get this issue fixed?
Im having the same issue,my public NEO address has changed,when i log in using Ledger Nano i see 0 gas and 0 neo.
Showing UNSPENT in neo tracker
ANy help????
AVjDZ7VVz7foeqFmdW2R5okbjr1pTEmEBs

419 NEO

Sent to

AcWyPgfSVovTnE5rG6w3KNMCcoipjuDBxP
419 NEO

How can we get this issue fixed?
Im having the same issue,my public NEO address has changed,when i log in using Ledger Nano i see 0 gas and 0 neo.
Showing UNSPENT in neo tracker
ANy help????
AVjDZ7VVz7foeqFmdW2R5okbjr1pTEmEBs

419 NEO

Sent to

AcWyPgfSVovTnE5rG6w3KNMCcoipjuDBxP
419 NEO

Im willing to give 100 Neo to someone who can help

@erikzhang since we have seen a resurgence of burned NEO, can reversible transactions for NEO be implemented?

I'll try to design a mechanism to retrieve lost assets. But this is a long and low priority job, so please don't expect it.

Thanks a lot

Sent from Yahoo Mail for iPhone

On Thursday, July 26, 2018, 9:27 PM, Erik Zhang notifications@github.com wrote:

I'll try to design a mechanism to retrieve lost assets. But this is a long and low priority job, so please don't expect it.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.

I believe that most part of the fault on this reported problems was not Neo core library, but faulty on: maybe on the Ledger Hardware; maybe on the Ledger software; or maybe Neon wallet incompatibilities (all of them are third party software's).

I am really happy to read @erikzhang last message, that there is this consideration of implementing a decentralized mechanism for recovering lost assets. You all could also count with me on designing that.

Another possibility that come into my mind now maybe could be something to recover during NEO 3.0 upgrade to native contracts. But, as Erik said: "this is a long and low priority job, so please don't expect it.".

It could definitely be a problem with the ledger, or any of the other moving parts.

More coins than just NEO had it happen. All the software involved is under a limited liability license so it doesn't really matter who cause the problem, nobody has liability.

I still think it would be a useful feature to be able to unspend coins in cases where it is obvious the spend was faulty. Blockchain purists say this breaks a fundamental aspect of the chain. But widespread adoption won't happen if yo can accidentally lose everything, with no method of retrieval.

@coranos, maybe the focus now should be more related to native contracts since global assets as UTXO are planned to be migrated to native contracts (PR #639).

@erikzhang perhaps I have an idea. Since Hash160 is an unreversible and unpredictable function, if someone manages to understand the algorithm that lead the the address failure, we can reverse these tx without breaking any principle (nor dangering no one's assets). For example, suppose the wrong function has added 1 to the scripthash (I don't know if that was the case!!!), no one would ever be able to generate a private/pubkey to match the expected script. So if, by the way, someone manages to do that, we can create a NEP that allows address on this "bad" format to be recovered. This is just a feeling, first thing would be to understand how the failure happened... and if it was a random one, it would be nearly impossible to actually know if these were correctly spent or wrongly spent.
Blockchain is all about following rules, and the value of the assets are based on their security, utility and scarsity. So if any change can be made to the network, without breaking any of these things, it could be a good thing afterall.

Hi,

What if one moved Neo from an exchange (who will have the transaction history, to a faulty wallet and the funds are still unspent till date. Is there a possibility of reversing that transaction?

On 9 Apr 2019, at 20:35, Igor Machado Coelho notifications@github.com wrote:

@erikzhang perhaps I have an idea. Since Hash160 is an unreversible and unpredictable function, if someone manages to understand the algorithm that lead the the address failure, we can reverse these tx without breaking any principle (nor dangering no one's assets). For example, suppose the wrong function has added 1 to the scripthash (I don't know if that was the case!!!), no one would ever be able to generate a private/pubkey to match the expected script. So if, by the way, someone manages to do that, we can create a NEP that allows address on this "bad" format to be recovered. This is just a feeling, first thing would be to understand how the failure happened... and if it was a random one, it would be nearly impossible to actually know if these were correctly spent or wrongly spent.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.

This all depends on how you define a 'faulty transaction'.

From my research last year the only way you could tell a faulty transaction from a real one is the faulty transaction never claimed gas.

So your choices are:
1) Have a central authority who can reverse transactions, where you submit a request and they perform an unspend transaction.
2) Allow anyone to reverse a NEO transaction up until gas is claimed, which locks the transaction.

Any third suggestion seems to be with 1) or 2) with extra steps.

I like @igormcoelho suggestion. In particular, it might be possible for the cases of the Ledger reported in this issue.
Maybe someone could investigate the reason of that faulties and try to report the possible algorithm that was executed behind and generated the faulty addresses.
If that algorithm could be reproduced it would be a great step toward a proof and a mechanism for recovering such funds.
@coranos, since you are one of the contributors of the NEO app on Ledger maybe you could try some insight about that cases reported in this thread. Following Igor's suggestion might be a good path.

@kryptob, the other cases are quite special and I think we need much more time to think about them. But we never know the future. Let's try to create something together.

@coranos, centralized agent does not currently exist in NEO (it is a multi-agent based protocol). In this sense, option 1. may be discarded.

There is no way for me to go back in time a year and a half to that hardware and software version and reproduce a problem that happened on 36 of ten million ledgers. I tried to reproduce the problem for over 80 hours from December of 2017 to April of 2018, and did not encounter the problem a single time. This is not a productive area of research.

The error rate is small enough it could literally be cosmic rays or USB bus failures. Hardware problems that would not exist on any but the faulty host's hardware.

I have not had a bug report since August 2018, so I assume ledger 'stealth fixed' this issue and will not be cooperative in researching an issue with potentially millions of dollars in liability and bad press. I asked. The email received no reply.

Centralizing agent does exist. Every time the blockchain stopped they simply distributed a new database that 'got past the stuck block'.

But if you want to ignore that and discard 1) then 2) Is your only option.

Ok, @coranos, I understand the difficulty and appreciate the efforts you already did over this, as well as the NEO app on Ledger.

About the centralized agents, I think that you confused the concept. The distributed database is a way to facilitate the synchronization.
You do not need to use that database to sync your node. There are plenty of ways to sync a node without that database.
Furthermore, NEO has block finality and two branches never existed. Just duplicated blocks that stalled clients, an issue that was recently solved with a notorious scientific advance over the topic now with dBFT 2.0.

I need to study, research and investigate more to think if 2) is really the last option.

So, uh, you will still get a stalled blockchain periodically.

MinerTransaction only has a nonce passed into it's hashing function. So you will eventually make another mining transaction which has an identical hash. Chances increase as you mine more blocks. Current chance is (3,600,875 in 4,294,967,295) so about once per thousand blocks.

When that happens, you have to centrally restart the blockchain. Happened about six times last year before I lost track.

The code line i'm talking about.

https://github.com/neo-project/neo/blob/38cac283c737de62d3631ad39f97b3c59ea8969f/neo/Network/P2P/Payloads/MinerTransaction.cs#L11

If it's fixed somewhere else, nevermind, I havn't looked in the code in a while.

Like Eric said, It's a hard problem.

I did not understand the correlation of this last point with what we were talking, @coranos, sorry. Maybe it is better to open a new issue for this discussion if you want to clarify that and discuss this possible impacts of the Minner transaction and any clarification regarding the Consensus MAS algorithm
Otherwise, we gonna run out of the scope of this thread.
There is also the Technical Specification (Yellow Paper). The dBFT chapter is almost complete, it may provide new insights about how dBFT has been running: https://docs.neo.org/en-us/08_dbft.pdf

So, uh, you will still get a stalled blockchain periodically.

Int nonce is not good entropy, but from my understanding MinerTransaction won't exist anymore on Neo 3.0, as everything will be Invocation. So, certainly it will be necessary to add more entropy to this random, and at least to adopt to cryptographically safe random generators (of much larger scale than 4 or 8 bytes, let's take 32 for example), so I'll do the issue now to not forget that: https://github.com/neo-project/neo/issues/697

As it's impossible to detect what issue caused the problem (it could be cosmic rays indeed), we should improve this in many ways: guaranteeing that the software/hardware won't do a mistake (we need to verify this transaction output somehow), and test it too (I miss testing capabilities on Neon wallet, when I just create addresses I'd love to automatically test it to make sure it works).
For proposal 2, for me all rules are acceptable on the blockchain, as long as they are public and well-known. For example, if a rule exist that funds "stalled" for over many months can be reclaimed, I won't argue against it. As long as this time is not too short, it won't affect business. I fully agree with that, blockchain is not near the current needs of regular users (even myself, I'm always scared!). This feature would be really, really important. You can count on me @coranos .

I have thought about a solution to this problem before.

If the private key of an address is lost, it means that no one can transfer the token from this address. So if the token on an address has not been transferred for a period of time (for example, one year), then we can think of the address as the "possible loss of private key" address.

For a "possible loss of private key" address, the user can send a transaction to request the withdrawal of all assets in the address, but must pledge the same amount of assets in the transaction.

If, for a period of time (for example, 5 years), no one has objected to the application with the correct signature, the assets can be transferred by the new owner. And previously pledged assets can be returned.

But if someone provides a signature to prove that he is the owner of the address, then the user who sent the withdrawal transaction is a malicious user. Then the assets pledged by the malicious user will be confiscated (Or directly forced to reward the user who provide the correct signature).

If the private key of an address is lost, it means that no one can transfer the token from this address. So if the token on an address has not been transferred for a period of time (for example, one year), then we can think of the address as the "possible loss of private key" address.

Or maybe is a Holder :P

For a "possible loss of private key" address, the user can send a transaction to request the withdrawal of all assets in the address, but must pledge the same amount of assets in the transaction.

What user? any?

The problem with this, is that we will have a lot of bots doing this job, waiting for request, if two users made a request, who win?

If is lost, is lost... 🔒

The problem with this, is that we will have a lot of bots doing this job, waiting for request

I have provided a way to prevent malicious applications in the solution.

If is lost, is lost...

I also agreed to this. I proposed this solution just for discussion.

how about withdrawal can only go back to the address it was sent from. 'unspend' implies they 'send one step backwards'.
if it's a holder, they would claim gas I would think.

Is this a possibility ?

Resend back to the address it was sent from ?

how about withdrawal can only go back to the address it was sent from. 'unspend' implies they 'send one step backwards'.
if it's a holder, they would claim gas I would think.

On 10 Apr 2019, at 10:44, coranos notifications@github.com wrote:

how about withdrawal can only go back to the address it was sent from. 'unspend' implies they 'send one step backwards'.
if it's a holder, they would claim gas I would think.

@coranos your idea is very good, seems more reasonable for me

I agree with @coranos that it should only be possible for the withdrawal to go back to the address it was sent from. It avoids a lot of the murkier implications and possibilities of such a mechanism.

Makes sense, @erikzhang, @igormcoelho and @coranos.

Maybe it can be a mix with that template drafted by Erik.
1 - After X years locked someone can claim;
2 - After Y years passed the _1)_ the funds might be go back to the address it was sent from;
3 - A security fund with, at least, half of the amount being claimed should be locked during the process. "If someone provides a signature to prove that he is the owner of the address, then the user who sent the withdrawal transaction is a malicious user" and will lose the locked coins.

This makes sense. I am in a similar situation. Moved from exchange to a wallet, buggy wallet by Neo when it was released back then, now unable to access the funds, it’s been locked for almost 2 years and I have proof of ownership. Transaction history from the exchange et al.

On 10 Apr 2019, at 14:36, Vitor Nazário Coelho notifications@github.com wrote:

Makes sense, @erikzhang, @igormcoelho and @coranos.

Maybe it can be a mix with that template drafted by Erik.
1 - After X years locked someone can claim;
2 - After Y years passed the 1) the funds might be go back to the address it was sent from;
3 - A security fund with, at least, half of the amount being claimed should be locked during the process. "If someone provides a signature to prove that he is the owner of the address, then the user who sent the withdrawal transaction is a malicious user" and will lose the locked coins.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.

@kryptob,
The core of the idea is not really related to a proof of ownership. The latter is not an easy task to be handled in a decentralized manner.

We thought about a "counter-proof of ownership" that could penalize the guy asking for a found inadequately.
Since the fund would be moved one step back I believe it would be a less prejudicial strategy and would avoid some cases where people claim funds in order to get "unpent" money.
However, such cases could still exist if the last owner tracked that the receiver did not use the fund. On the other hand, with such penalization it could be also a risk to him.

how's this for a refinement:

0 - Preconditions.

• any address with a (gas claim, invocation transaction, or outbound transaction) cannot be the target of an 'unsend' transaction. This is most of the addresses in the blockchain, as gas claiming is part of the ecosystem.
• any address with only inbound transactions can be the target of an 'unsend' transaction.

1 - After X years locked someone can claim;
2 - Claiming requires posting a bond. 10% of the locked bans.
3A - After Y years passed the 2) the funds and the bond go back to the address the locked funds was sent from.
3B - claiming gas claims the bond as well.

3A is 'happy path' where all funds get unlocked and sent one step back.
3B is 'so sorry' where the malicious user loses his bond, and the owner of the locked address gets the bond.

If is lost, is lost... 🔒

Agreed. This imposes a perpetual (or extremely long) "finality game" on all transactions which implies clients must monitor the chain and has implications on NEO's use as a form of SoV. Root chain should be simple.

NEO has a built in way to kill the finality game:
Claim gas.
If you can claim gas on a transaction, the key is known. So any bonds posted to a address with a gas claim tx in it's history are liquidated.
I'll update my comment for this case.

Claiming gas is actually incident to finalizing the game. What spends it is the self-send transaction. However, this breaks properties of cold wallets, as the private key has to be used to finalize each txn. As I said, this breaks the ease-of-use of NEO as a SoV as compared to bitcoin, claim gas function does not change that.

It's pretty trivial to click 'claim gas' or self-send the transaction to lock it in. This could even be built into the wallets as a default function.
If your argument is coin-burn should be supported as part of SOV, i do not have a counterargument as cold-wallet and coin-burn appear identical in the blockchain.

Yes. It still is a "gotcha" though - where users trying to generate a completely air-gapped paper wallet would still have to "initialize" it online first with some initial txns.

I did consider coin-burn, but it may not be relevant depending on which direction NEO 3 goes. Atm most assets that are burnt are NEP-5.

I can think of other edge cases this still breaks, such as long duration time-lock smart contracts - if accepted, the refinement would probably have to include SC as unbondable as well (not sure how hard to calculate this).

Long term smart contracts have an invocation tx, so not eligible for unsend.

Completely air gapped paper wallets and coin burns are the only use case that I can think of which look identical to an 'oops'. Even in that case, it is fairly trivial to prevent a nefarious unsend with an intermediate hot wallet and some education.

Instead of sending from Binance => Cold Paper wallet.
Send Binance => Hot Wallet => Cold Paper Wallet.
Worst case it goes to Hot Wallet, and you have a year before you have to fix it, by making a second cold wallet.
It's also never good practice to send to a completely air gapped paper wallet without any sort of fitness test because math is hard and one digit off is a coin burn.

Long term smart contracts have an invocation tx, so not eligible for unsend.

I don't get it? You can do an invocation txn with any address as the target script hash. The invocation simply fails.

Ah, I misremembered how SC's work in NEO. I thought you had to publish the SC to an address, and then invoke it.

Yea, there's probably a way to exclude SCs, but invocation txs don't work so I glossed over it. I haven't thought of what the most efficient to do that is, as I mentioned.

It's also never good practice to send to a completely air gapped paper wallet without any sort of fitness test because math is hard and one digit off is a coin burn.

That's true. But that doesn't change the point about how this complicates the node software and intrinsically changes how the chain works (e.g. the ecosystem now needs to educate the user about it - Ledger Live would need to tell users to send a txn first after receiving the first one instead of closing the window. There is a stark difference between your funds probably arrived at this address you probably control versus your funds are definitely gone after 5 years).

The proposal seems like it could work, but the added complexity is why I feel this is probably not worth it.

I wasn't aware NEO was on ledger live, I thought it required a third party app.

I don't think we will see mass adoption if regular people can lose their funds permanently from a typo.
Which is where Erik needs to make the decision on which is more important:

• Easier mass adoption, by avoiding a known blockchain pitfall.
• Avoiding a moderate increase in complexity.

Ledger Live was just an example of a wallet has a consistent interface with many blockchains and interacts with a hardware wallet.

I wasn't aware NEO was on ledger live, I thought it required a third party app.

I don't think we will see mass adoption if regular people can lose their funds permanently from a typo.
Which is where Erik needs to make the decision on which is more important:

• Easier mass adoption, by avoiding a known blockchain pitfall.
• Avoiding a moderate increase in complexity.

The NEO address format has a checksum to it, so wallets and any sending interface can guard against typos. I assumed this was just to recover certain set of funds sent to lost private keys. In which case I can think of simpler altruistic solutions.

The basis of the dilemma is correct though. I hope I've brought up enough points on the cons of implementing this!

I don't think we will see mass adoption if regular people can lose their funds permanently from a typo.

This is better as an argument for digital identity and the abstraction away from private keys.

Absolute finality is something unique that NEO lays sole claim to in this industry. Perhaps it is better not to disturb those foundations and just better prepare ourselves for users.

Would it be possible to organize a smart contract, prior to the migration to NEO 3.0, that can return such cases as a one-time deal? In the future, if UTXO's are abolished, this entire conversation becomes pointless anyway.

@erikzhang perhaps we should unspend all these "unspent" tokens (never sent to itself) during Neo 3.0 migration, what do you think?

I'm proposing a "new NEP-7" that will make these situations nearly impossible to happen for the future: https://github.com/neo-project/proposals/issues/89

Given that there's 5 transactions total (check google doc for neo transactions, most are eth) I think the most practical solution is to unspend the transactions as part of the 3.0 migration.

In the future, if UTXO's are abolished, this entire conversation becomes pointless anyway.

Totally agree, any idea?

ALL, i am repeating this initial issue i raised back in April 2018. It's on this chain. Will Neo 3.0 provide insight to resolving this?

''Good day,

I am Indeed one of the early victims of this issue and glad all attempts are being made to fix it. In August when Neo released the 0.03 wallet version and the announcement was made about how to earn gas, I transferred a total of about 319 NEOs to my wallet address. Before this I transferred 2 Neo to test it and earned gas for 2 days. The wallet froze at some point, I logged out and lo and behold I could not access the wallet again, till date it’s still inaccessible. That is roughly about $26K of today’s worth. As an early investor in NEO, this experience has been heartbroken till date. After several attempts contact COZ from August till c October that have not been any solution. I still see the Noe on neotracker and it’s still unspent, sitting there.

Apparently, when I tried to log back in, it had created another key. I have all the proof from the exchanges I transferred to and fro. Can this new feature help in any way please? I’m desperate to have my coins back.''

I assume Noe can work with Exchanges / Exchange wallets where funds were moved from to verify ownership. Most exchanges now have KYC processes to verify users, and there are confirmation emails from exchanges to confirm when funds were sent to these locked wallets.

I have thought about a solution to this problem before.

If the private key of an address is lost, it means that no one can transfer the token from this address. So if the token on an address has not been transferred for a period of time (for example, one year), then we can think of the address as the "possible loss of private key" address.

For a "possible loss of private key" address, the user can send a transaction to request the withdrawal of all assets in the address, but must pledge the same amount of assets in the transaction.

If, for a period of time (for example, 5 years), no one has objected to the application with the correct signature, the assets can be transferred by the new owner. And previously pledged assets can be returned.

But if someone provides a signature to prove that he is the owner of the address, then the user who sent the withdrawal transaction is a malicious user. Then the assets pledged by the malicious user will be confiscated (Or directly forced to reward the user who provide the correct signature).

Hi friends, I just wanted to check in and see if we are any closer to designing a solution to help those who may have lost access to their NEO, whether due to losing their private keys, sending to wrong addresses, etc? Especially in light of the NEO 3 mainnet migration occuring soon?

Some background on me- I heard about and started buying NEO back in October 2017. I had bought a Ledger Nano S in August 2017 and was using that to store my NEO. In March 2018, I sold everything and got out. Fast forward to late 2020- after moving a few times and getting married, I start buying NEO again. In February 2021, I find my Ledger Nano S and once again, put all of my NEO on there. I assume I still have my seed phrase lying around somewhere. However, 2 weeks ago, my Ledger reboot automatically, and the contents were wiped. I looked everywhere for my seed phrase, but couldn't find it.

The total # of NEO sitting in my wallet is over 1300.

As such, I'm wondering if there are there any plans to help deal with this issue? I saw some pretty good ideas above, including what Erik suggested (see quoted section). Also, I believe @RavenXce stated that there may be more altruistic, simpler ways to address this. I know we want finality for NEO, but if some coin burns do need to take place, would it be possible to do this before the final migration to NEO3?

In case you are wondering, I have all proofs of all transactions from my exchange to my public wallet address, where the NEO is stored. In fact, since I haven't upgraded the firmware, my Ledger Nano S still has a firmware bug whereby the flash memory is not cleared, meaning you can probably even see the address where the NEO came from, which is linked to my exchange wallet.

If anyone is able to help me, I'm willing to donate a portion of my NEO (say 10%) to help solve the problem and to compensate for peoples' time. Please let me know, thanks...

Best Regards,

Rob

@erikzhang @igormcoelho @coranos

My Neo is still in my address which I lost, I also have all the proof to back this up from all the exchanges I transferred from. It will be great if a solution can be done to fix this.

On 29 Apr 2021, at 15:19, flashrob01 @.*> wrote:


I have thought about a solution to this problem before.

If the private key of an address is lost, it means that no one can transfer the token from this address. So if the token on an address has not been transferred for a period of time (for example, one year), then we can think of the address as the "possible loss of private key" address.

For a "possible loss of private key" address, the user can send a transaction to request the withdrawal of all assets in the address, but must pledge the same amount of assets in the transaction.

If, for a period of time (for example, 5 years), no one has objected to the application with the correct signature, the assets can be transferred by the new owner. And previously pledged assets can be returned.

But if someone provides a signature to prove that he is the owner of the address, then the user who sent the withdrawal transaction is a malicious user. Then the assets pledged by the malicious user will be confiscated (Or directly forced to reward the user who provide the correct signature).

Hi friends, I just wanted to check in and see if we are any closer to designing a solution to help those who may have lost access to their NEO, whether due to losing their private keys, sending to wrong addresses, etc? Especially in light of the NEO 3 mainnet migration occuring soon?

Some background on me- I heard about and started buying NEO back in October 2017. I had bought a Ledger Nano S in August 2017 and was using that to store my NEO. In March 2018, I sold everything and got out. Fast forward to late 2020- after moving a few times and getting married, I start buying NEO again. In February 2021, I find my Ledger Nano S and once again, put all of my NEO on there. I assume I still have my seed phrase lying around somewhere. However, 2 weeks ago, my Ledger reboot automatically, and the contents were wiped. I looked everywhere for my seed phrase, but couldn't find it.

The total # of NEO sitting in my wallet is over 1300.

As such, I'm wondering if there are there any plans to help deal with this issue? I saw some pretty good ideas above, including what Erik suggested (see quoted section). Also, I believe @RavenXce stated that there may be more altruistic, simpler ways to address this. I know we want finality for NEO, but if some coin burns do need to take place, would it be possible to do this before the final migration to NEO3?

In case you are wondering, I have all proofs of all transactions from my exchange to my public wallet address, where the NEO is stored. In fact, since I haven't upgraded the firmware, my Ledger Nano S still has a firmware bug whereby the flash memory is not cleared, meaning you can probably even see the address where the NEO came from, which is linked to my exchange wallet.

If anyone is able to help me, I'm willing to donate a portion of my NEO (say 10%) to help solve the problem and to compensate for peoples' time. Please let me know, thanks...

Best Regards,

Rob

@erikzhang @igormcoelho @coranos

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.

Im willing to give 50% if we can find a solution

Sent from Yahoo Mail for iPhone

On Thursday, April 29, 2021, 8:26 AM, kryptob @.*> wrote:

My Neo is still in my address which I lost, I also have all the proof to back this up from all the exchanges I transferred from. It will be great if a solution can be done to fix this.

On 29 Apr 2021, at 15:19, flashrob01 @.*> wrote:


I have thought about a solution to this problem before.

If the private key of an address is lost, it means that no one can transfer the token from this address. So if the token on an address has not been transferred for a period of time (for example, one year), then we can think of the address as the "possible loss of private key" address.

For a "possible loss of private key" address, the user can send a transaction to request the withdrawal of all assets in the address, but must pledge the same amount of assets in the transaction.

If, for a period of time (for example, 5 years), no one has objected to the application with the correct signature, the assets can be transferred by the new owner. And previously pledged assets can be returned.

But if someone provides a signature to prove that he is the owner of the address, then the user who sent the withdrawal transaction is a malicious user. Then the assets pledged by the malicious user will be confiscated (Or directly forced to reward the user who provide the correct signature).

Hi friends, I just wanted to check in and see if we are any closer to designing a solution to help those who may have lost access to their NEO, whether due to losing their private keys, sending to wrong addresses, etc? Especially in light of the NEO 3 mainnet migration occuring soon?

Some background on me- I heard about and started buying NEO back in October 2017. I had bought a Ledger Nano S in August 2017 and was using that to store my NEO. In March 2018, I sold everything and got out. Fast forward to late 2020- after moving a few times and getting married, I start buying NEO again. In February 2021, I find my Ledger Nano S and once again, put all of my NEO on there. I assume I still have my seed phrase lying around somewhere. However, 2 weeks ago, my Ledger reboot automatically, and the contents were wiped. I looked everywhere for my seed phrase, but couldn't find it.

The total # of NEO sitting in my wallet is over 1300.

As such, I'm wondering if there are there any plans to help deal with this issue? I saw some pretty good ideas above, including what Erik suggested (see quoted section). Also, I believe @RavenXce stated that there may be more altruistic, simpler ways to address this. I know we want finality for NEO, but if some coin burns do need to take place, would it be possible to do this before the final migration to NEO3?

In case you are wondering, I have all proofs of all transactions from my exchange to my public wallet address, where the NEO is stored. In fact, since I haven't upgraded the firmware, my Ledger Nano S still has a firmware bug whereby the flash memory is not cleared, meaning you can probably even see the address where the NEO came from, which is linked to my exchange wallet.

If anyone is able to help me, I'm willing to donate a portion of my NEO (say 10%) to help solve the problem and to compensate for peoples' time. Please let me know, thanks...

Best Regards,

Rob

@erikzhang @igormcoelho @coranos

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.

I understand the tragedy of lost coins, but the unique proof that can proof that you are the owner of one wallet is the private key, any other move it's based on trust.

With the migration it could be possible, but I think that the damage could be worst than the benefict, we could lost trust in our blockchain. We can convert the migration in a fork, and honestly I don't like it.

Agree @shargon, I don't think there's anything we can do for addresses where someone lost the private key. But maybe we can do something about these unspent situations.

Imagine for example if you could claim the NEO that you sent to another address which remain unspent. If that address has not completed migration by the end of Neo2's life (i.e. this NEO would be lost anyway) the sender/claimant will be able to claim it on N3 and recover their funds.

it can be addressed to the community at large, i don't think trust will be impacted, if anything it will be improved as all of us affected were a few back then, it was the same issue around the same period, so this is ringfenced.  My only mistake was saving the incorrect private key as i did not know the Neo wallet then (version 0.0.7 ) had been downloaded.  It can be tracked back to Binance exchange, where i bought Neo, and Binance has all my KYC details including passports and ID.  That alone is trust that i own the transactions on the centralised exchange and also the coin . 
Please help, it's a lot of coins that may be lost till eternity.  
On Thursday, 29 April 2021, 16:02:30 BST, Shargon @.*> wrote:

I understand the tragedy of lost coins, but the unique proof that can proof that you are the owner of one wallet is the private key, any other move it's based on trust.

With the migration it could be possible, but I think that the damage could be worst than the benefict, we could lost trust in our blockchain. We can convert the migration in a fork, and honestly I don't like it.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.

This is the equivalent to adding a time lock to every transaction, which is a standard part of DeFi and atomic swaps.

I don't think adding a time lock to ~20 transactions as part of the 2.0 to 3.0 conversion would cause people to lose trust in the blockchain.

I actually think it would increase trust. As soon as Tesla started accepting bitcoin they had several transactions that went into limbo because the tx was sent outside the 30 minute window and their payment processor ignored the transaction. Adding a default time lock to transactions prevents this from happening.

I have many such examples. Send to an exchange under the min deposit limit. Sent to wrong address because exchange changed address. Sent to ledger where ledger fixes a bug and the derivation path changes.

NEO could be ahead of the game if they add timelocks as an option to every transaction.

Can the time lock be applied retrospectively?

On 29 Apr 2021, at 16:14, coranos @.*> wrote:


This is the equivalent to adding a time lock to every transaction, which is a standard part of DeFi and atomic swaps.

I don't think adding a time lock to ~20 transactions as part of the 2.0 to 3.0 conversion would cause people to lose trust in the blockchain.

I actually think it would increase trust. As soon as Tesla started accepting bitcoin they had several transactions that went into limbo because the tx was sent outside the 30 minute window and their payment processor ignored the transaction. Adding a default time lock to transactions prevents this from happening.

I have many such examples. Send to an exchange under the min deposit limit. Sent to wrong address because exchange changed address. Sent to ledger where ledger fixes a bug and the derivation path changes.

NEO could be ahead of the game if they add timelocks as a default to the transactions.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.

Since they are making a new chain for 3.0, it could be implemented then as part of the conversion.

Otherwise only by changing the code to allow it. NEO is centralized, so you could allow an unspent only if all validators agree on the tx, and hard code a list of the ~20 transactions that are allowed to be unspent.

But it sounds like the devs don't want to do it. So we just have to wait for another chain to do it.

Coranos,

You mentioned that there are about 20 known transactions that would fall
under the "wrong address" or "locked out" classification. I guess with my
situation, it would be about 21. :P

As such, do you think it would be a good idea to start to aggregate an
official list somewhere, so that we could send to the developers to
potentially petition and rectify the situation before the final migration
to 3.0?

If so, I suggest that an official committee should be appointed by the
developers to examine and approve each of the 21 transactions individually,
including detailed examination of transaction ID's, sender/recipient
addresses traced to sender/ recipient (i.e. an exchange backed by full-on
KYC docs or even physical hardware device).

Of course, this would be a time consuming process, so every petitioner must
be willing to fork over a portion of their stranded wallet amount to
compensate the committee and developrs for their time to do this (say
5-10%). I think those of us who have legitimately been locked out of our
accounts would be willing to do this. At this point , the value would
probably be at least 500-1000 NEO that could be awarded to a committee for
approving about 20 transactions. Wouldn't be a bad paycheck for not too
much work?

As Erik said, each petitioner should also stake an additional amount that
would be kept by the committee if the petitioner was found to be
fraudulent. These amounts could also be timelocked for a period (say one
year) to give the community time to process the transaction and make sure
the petitioner doesn't just run off.

I realize that doing this action could open a bag of worms, but as coranos
mentioned, it is all too easy to make a costly mistake that could
jeopardize years' worth of savings. NEO wants to be the digital asset chain
for the world, and we are all actively supporting NEO in achieving this
mission. But if such a large loss can happen so easily and without hope of
remedy, how would that goal ever be achieved?

Perhaps such a review process should only be done during large events (like
a chain upgrade), which happens every few years or so. I think the benefit
of implementing such a program would far outstrip the costs, from time,
financial, and community trust perspectives.

What do you guys think of these ideas?

Cheers and thanks for listening,

R

On Thursday, April 29, 2021, coranos @.*> wrote:

Since they are making a new chain for 3.0, it could be implemented then as
part of the conversion.

Otherwise only by changing the code to allow it. NEO is centralized, so
you could allow an unspent only if all validators agree on the tx, and hard
code a list of the ~20 transactions that are allowed to be unspent.

But it sounds like the devs don't want to do it. So we just have to wait
for another chain to do it.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/neo-project/neo/issues/195#issuecomment-829340848,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ATKUVZMWO6222FTMRSYHCZ3TLF37XANCNFSM4EVUFB2A
.

The list of addresses, emails, and details is in the google doc in the original comment.

I think the actual number was 14, making yours 15. Perhaps a few others, as I've been contacted on reddit periodically about it.

Without buy-in from the dev team I see this as a lost cause. If the dev team doesn't see this as a problem, they aren't going to fix it.

As a developer, I invest time rather than money.
As far as I can see, NEO isn't really worth my time.
So I would look for another coin that does support time locked transactions, as that one will become dominant if we ever get mass adoption.

FYI,

Beefy finance and pancake bunny had a similar issue, they are both on the binance smart chain. The developers worked together to burn the lost tokens and reissued new tokens to users

On 30 Apr 2021, at 16:13, coranos @.*> wrote:


The list of addresses, emails, and details is in the google doc in the original comment.

I think the actual number was 14, making yours 15. Perhaps a few others, as I've been contacted on reddit periodically about it.

Without buy-in from the dev team I see this as a lost cause. If the dev team doesn't see this as a problem, they aren't going to fix it. I invest time rather than money. As far as I can see, NEO isn't really worth my time. So I would look for another coin that does support time locked transactions, as that one will become dominant if we ever get mass adoption.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.