That’s a fair concern, and Boomerang isn’t trying to defeat an infinitely patient attacker, because realistically no custody system can.
What it targets is how coercion actually happens in the real world: attackers almost always depend on short, predictable windows where they can force cooperation, get the funds, and leave. Holding someone indefinitely is risky, expensive, and hard to sustain.
Boomerang removes that predictability. Even if an attacker forces cooperation, they can’t know how long the withdrawal will take, and the process includes built-in duress checks that create opportunities to signal trouble. Suddenly the attack stops being a quick, controlled event and turns into an open-ended situation with rising risk for the attacker.
So the goal isn’t to “stall forever.” It’s to make coercion unreliable, costly, and uncertain enough that many real-world attacks become unattractive or collapse before succeeding, while working alongside traditional physical and organizational security.
That’s a fair concern, and Boomerang isn’t trying to defeat an infinitely patient attacker, because realistically no custody system can.
What it targets is how coercion actually happens in the real world: attackers almost always depend on short, predictable windows where they can force cooperation, get the funds, and leave. Holding someone indefinitely is risky, expensive, and hard to sustain.
Boomerang removes that predictability. Even if an attacker forces cooperation, they can’t know how long the withdrawal will take, and the process includes built-in duress checks that create opportunities to signal trouble. Suddenly the attack stops being a quick, controlled event and turns into an open-ended situation with rising risk for the attacker.
So the goal isn’t to “stall forever.” It’s to make coercion unreliable, costly, and uncertain enough that many real-world attacks become unattractive or collapse before succeeding, while working alongside traditional physical and organizational security.