state of donations, new bitcoin address

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On behalf of the Tahoe-LAFS Software Foundation, I'm pleased to update folks on the current state of our bitcoin donations, and to publish a new donation address. Until recently, I was dreading making this update. There's a story to tell :-). We currently have 375.519076 BTC. There is another 3.97784278 BTC that we expect to transfer in shortly. # Episode 1: Attack Of The Coins Peter (our boss back at AllMyData, where Tahoe originated) first published a bitcoin donation address (13Grd..) to the wiki on August 21st, 2010, with an initial donation of 17 BTC ($1.19 at the time). The address was updated a few days later (to 19jzB..). In the first four months, we received 205 BTC. At the going price of $0.24/BTC, this was worth $50. Our windfall would would buy us a couple months of hosting, or some pizza, but not both. Since we didn't have any particular plans for the funds, nobody really paid attention to them. We continued to get an occasional donation: about one or two per month. Each was for a small amount (in dollars). With the exception of two very generous contributions ($617 in 2012, $432 in 2013), the mean value was just $7, and the median was $3. The total value of all 74 donations (2010 to the present) is $1568.07. I.e. if every donor bought BTC with dollars from their pocket the moment before they made the donation, the pockets gave up less than $1600. Two and a half years passed, and the price of BTC grew by a factor of 100. In January of 2013, it was trading at $15/BTC, and we were sitting on about $6000. # Episode 2: Revenge of mkfs And that's when we had some horrible news. I got a message from Peter, who told me a sad story. The bitcoind wallet which held the private keys was stored on a single laptop. A combination of errors resulted in that laptop being erased and reformatted: miscommunication between the owners of the laptop, lack of awareness of where the keys were held, and a basic misperception of the value of those funds. On January 29th 2013, we removed the donation key from the website to discourage anybody from throwing further money into /dev/null. Peter remembered making a few Time Machine backups of the drive in question, but we didn't know where they were. One likely backup was discovered to have been reformatted and filled with childrens cartoons. The drives were imaged anyways, and I wrote forensic tools to scan the unwritten sectors for bitcoind wallet-like values, but had no success. Peter searched his house top to bottom, looking through over 50 hard drives, trying to find the wallet.dat file. No luck. Meanwhile, I prepared a new key, on an isolated machine, with no machine-readable copies left lying around to be stolen. I distributed hard copies, by hand, in sealed envelopes, to trusted backup custodians on multiple continents. The plan was to write up a long (embarrasing) blog post, announce the new key, explain how we would take more care with it this time, and humbly apologize to those donors whose funds we managed to lose. However we never got around to publishing that key: I kept hoping we'd find a recoverable backup somewhere, and we were all reluctant to admit our mistakes. The embarrassment got worse as the price of BTC shot up dramatically: at the peak (November 2013), it hit $1147/BTC, making this a $430,000 accident. Ouch. We managed to put the incident out of our collective minds for a few years. Tahoe development continued on. Peter moved (twice). The price dropped to its present (mostly-stable) value, about $410/BTC. # Episode 3: A New Hope But I'm glad to report the story has a happy ending. On 8-Jan-2016, I got another message from Peter. Good news! He found a backup drive with the private keys. In a moving box, buried underneath a pile of shoes. Two houses later. I surveyed the custodians of the hand-delivered copies of the key I prepared in 2013, and found that nobody could remember where they put that envelope. Oh well. I've created a new bitcoin key, following the same procedure, and distributed it in a similar fashion. At least two copies are etched onto stainless steel plates, in the hopes that the information might survive a fire. And I'll be following up with the custodians to make sure they keep track of the copies this time. The new donation address, to which we have moved all the previous funds, is: 1PxiFvW1jyLM5T6Q1YhpkCLxUh3Fw8saF3 I've committed a file with a description of our donation key, how we intend to use these funds (just hosting/registrar fees for now), and the transparent accounting approach we plan to use, into the Tahoe source tree, at: https://github.com/tahoe-lafs/tahoe-lafs/blob/master/docs/donations.rst The file is signed by the Tahoe-LAFS GPG release-signing key. Potential donors should check both properties (git commit and GPG signature) before considering donating funds (the release-signing key is held only by me, and checking in a file requires commit privileges). # Advice For Others Purely-digital currencies are exciting, but they stretch our human intuitions about what qualifies as "valuable". We're used to wealth having certain physical attributes: expensive things tend to be heavy, shiny, intricate, fragile, pretty, or old. Even paper money has a particular color, smell, and texture, and we're really good at tracking it (quick: where is your wallet right now?). But ECDSA private keys don't trigger the same protective instincts that we'd apply to, say, a bar of gold. One sequence of 256 random bits looks just as worthless as any other. And the cold hard unforgeability of these keys means we can't rely upon other humans to get our money back when we lose them. Plus, we have no experience at all with things that grow in value by four orders of magnitude, without any attention, in just three years. So we have a cryptocurrency-tool UX task in front of us: to avoid mistakes like the one we made, we must to either move these digital assets into solid-feeling physical containers, or retrain our perceptions to attach value to the key strings themselves. One of the reasons I spent my weekend engraving secret words into metal plates was to give them some heft: it's harder to treat something carelessly when it feels solid in your hand. Maybe the next step is to etch silver bars, or gold-electroplate some bricks ("heavy: check! shiny: check! must be valuable"). Or write them on the back of a classic-looking oil painting (old: check!), or on one of those mirrored crystal orb sculptures you get at the mall (shiny+fragile: check!). Anything to trigger our sense of "oh, I should keep track of this thing, it's probably important". But for now, I'm just relieved that Peter needed to look through those shoes. cheers, -Brian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJW77GdAAoJEL3g0x1oZmp6FgoH/RmvNh/XYyw/hT66Kj8IEskQ DOCky8i8lnEPfj949S4eDf2qDSsUVbpT870ixXP0quogmRUisTeQjtd/rS6Y8gaN Wkn5z8GE+alfuAJkWxTHtaExASHFXCeiuJ5uMjEpKzbMb4xwO/FjJhz94XFrgZg7 RvndiQo/V8T5p0kyViSFOW4VHkq/p4QtS6QiKDPDDJdGWeZw3iLUhlrXlT1J+AKD p3SfC41VFRXs4vvmonheXqJo9baJj391BKEHU1/EPOAKkXdNXQwvESqlTGSghug2 QB+lFiaCrr9oeQPeaYLx9EY5yer/vA7Z17LrmI9r44zuMX+UdkjrI5ubGxoIo+Y= =q9+r -----END PGP SIGNATURE-----