[Cryptography] Keeping Malware from Using Security Hardware

[Jerry Leichter]

> The comments you made on the DPRK heist are spot on, and I only add one thing. It's a feature of cryptocurrency that a transfer is irrevocable. Some people think it's desirable, some think it's undesirable, some think it's just the way things are, and a core facet of that heist is that it happened on a financial network with irrevocable transactions because that was a necessary component of the heist. These systems have as part of what they are that they are irrevocable, and this leads to that sort of problem more than anything else. 
Historically, irrevocable systems were mainly used for relatively low-value transactions.  Of course, what's low-value to me may be high-value to you - these are not exactly defined terms.  You can - I actually, many years ago, once did - by a new car for cash, your basic irrevocable transaction.  (This was also years before lemon laws.)

There are counter-examples - e.g., a bank check is by design irrevocable, at least in the normal course of things.  There's even a term of art for such things - "good money."  But they are (by design) somewhat cumbersome and slow to use.

The notion that we really want a system where an irrevocable $1.4 billion transaction is quick and easy to accomplish is just ... wrong.  It's a victory of technology over any real sense.
                                                        -- Jerry