> I think the observation about Target vs Bitcoin exchanges is a sharp one,
> but I'm not sure how your proposal helps. You say it's an optional identity
> layer, but obviously any thief is going to opt out of being identified.

Let me translate it to this year's vocabulary. Think of BCIs as a sidechain: let the legacy financial system migrate, to the extent desired, to a more heavily regulated pegged sidechain with a stronger identity layer. Let protocol-level rules regulate this nexus between the custodial (sidechain) and non-custodial address spaces (blockchain). This isn't entirely unlike the rules currently governing coin issuance i.e. coinbase transactions. Let the market forces play it out. Iterate as needed. I suspect that in retrospect it'll seem obvious. Many moons from now the balance might shift between the two, but it won't matter much. The system will have means to recover from catastrophic failure modes.

To help internalize such an evolution, please consider the layers the Bitcoin protocol builds on top of: segment 52:32 ("The Internet is being upgraded") of the BBC documentary "Inside The Dark Web" (https://www.youtube.com/watch?v=qXajND7BQzk#t=3152). Kaspersky's comments a few minutes earlier (50:06) aren't entirely out of context here either. Clearly, the need is acute for Bitcoin to become institutional i.e. for "billions of dollars of human value" to flow through it, as one Money 20/20 participant put it.


On Fri, Jan 9, 2015 at 2:00 PM, Mike Hearn <mike@plan99.net> wrote:
This needn't be so, once an optional identity layer, modeled after the Internet itself, is provided, as proposed in late August of last year on this mailing list

I think the observation about Target vs Bitcoin exchanges is a sharp one, but I'm not sure how your proposal helps. You say it's an optional identity layer, but obviously any thief is going to opt out of being identified.

For things like the Bitstamp hack, it's not clear how identity can help, because they were already doing KYC for all their customers. To take that further at the protocol level would require all transactions to have attached identity info, and that isn't going to happen - it wouldn't be Bitcoin, at that point.

I think that long term, it's probably possible to defend private keys adequately, even for large sums of money (maybe not bitstamp-large but we'll see). You can have very minimalist secure hardware that would have some additional policies on top, like refusing to sign transactions without an identity proof of who controls the target address. Very tight hot wallets that risk analyse the instructions they're receiving have been proposed years ago. 

No such hardware presently exists, but that's mostly because implementations always lag behind a long way behind ideas rather than any fundamental technical bottleneck. Perhaps the Bitstamp event will finally spur development of such things forward.