55 comments

[ 2.7 ms ] story [ 111 ms ] thread
What I learned from the video: Ninety percent of Bitcoin is traded in Chinese currency. Because most of the trading is in China, the impact of the hackers is minimized and the value is stabilizing after dropping twenty percent.
That actually may not be true, many of the Chinese exchanges have 0 fee trading so their volume could be 'fake'.. there is no way to tell definitively.
> Bitcoin slumped 5.5 percent against the dollar as of 2:30 p.m. on Wednesday in Tokyo, bringing its two-day drop to 13 percent. Prices also sank 6.2 percent on Monday, although it was not clear if that initial move was related to the hack.

The price has actually been dropping consistently since the 31st of July.

Granted, this hack has caused a the drop to be bigger, but attributing the entire drop to it makes no sense. The timeline doesn't fit.

The most likely reason the price has been dropping is because the Bitcoin miners have ran out of reasons and deadlines to stop the bitcoin hardfork which will cause an increase in block size, which is the main reason why Bitcoin is artificially blocked from accepting more customers and grow.

Investors likely don't think its worth holding onto a currency if it has (and reached) an artificial ceiling.

Actually it makes perfect sense, and has happened in previous thefts.

I'm an investor and I think it's worth holding onto a currency if I see it as a good store of value, it doesn't matter if not everyone on earth is using it (eg: does everyone use gold? Could everyone use gold? No. Still a good store of value). So please don't speak on my behalf.

There are some nuances that are often not fully understood when discussing the transaction limit in bitcoin. Firstly, since the transactions are processed by the miners in exchange for a fee we have evolved into a dynamically calculated fee system. Since the blockchain is immutable this makes sense so that it is costly for an attacker or abuser to flood the system with meaningless transactions. There is some contention in this, but from my perspective what has emerged is a free market where if you need a quick transaction guaranteed you will pay the few cents to get it. Also, the Lightning network payment layer is in testing currently and when it is added as another layer on top of bitcoin this enables a huge rate of transactions per second for negligible price.
> Bitcoin is artificially blocked from accepting more customers and grow.

There's no such thing as a bitcoin customer. And by growth, the only obstacle is number of transactions/block which is limited by design.

But there's no tps limit that we wouldn't blow through in a day if it were free. Building a distributed DB? Nah, just dump it all in the blockchain and make the world hold it for you. Without a limit, and the prices that come from approaching that limit, the system would never reach a balance.

The goal is that transaction costs pay miners. That only works if blocks are small enough to reasonably process and scarce enough to justify paying for.

For everything else, build a sidechain and do your micropayments on it - link to BTC every now and then for larger fund transfers.

Can someone who really knows this help fix my ignorance?

How does someone actually steal from an exchange?

As I understand most of the funds(80-90+%) are kept in cold storage. Was the exchange not following this "best practice"? Is this not a best practice?

The way the cash equities markets work is you make a trade to buy or sell shares and they get delivered in 3 days time. Why does a bitcoin exchange need to have any bitcoins at all in a wallet accessible to any machine connected to the internet? Could they not work in a manner like this?

Why not net all trades and do settlement at the end of the day. If people want to withdraw bitcoins batch the requests up until the end of the day and then you can have a person or software review all requests before they are put into a hot wallet and sent out.

I've written my fair share of risk systems over the past 15 years. I think I understand how to manage risk, and delaying transaction settlement is considered part of risk management. You can trade as fast as you want but the actual settlement, by design, lags trading to allow for errors to be caught.

Bitfinex used to keep BTC in cold storage, but replaced that system with segregated multi-sig (2 of 3) wallets for each user account, backed by BitGo. In that scenario BitGo held one key, and Bitfinex held 2 keys for each account (one online and one offline). Supposedly BitGo should have enforced some limits on withdrawals to prevent such events, but for some reason that was bypassed.
Sure, I think I understand that, and I appreciate your answer.

My question is why do you need any bitcoins at all in hot storage?

What's wrong with netting until the end of the day and then put the required amount of coins in a hot wallet to do settlement say 24 hours after a trade?

Wouldn't this cooling off period give software and risk managers a chance to find invalid transactions and keep funds from being stolen out of a hot wallet?

Bitfinex was required by US regulators to switch from cold storage to segregated per-user wallets. Something to do with margin requirements for commodities exchanges.
Can you link to more detail about this? This doesn't seem like a requirement that would be enforced for other "commodities" exchanges? Also, it doesn't seem impossible to set up "per-user" cold storage?
Correct. Here is the source: "CFTC Regulation Prevented Bitfinex From Using Cold Storage" http://imgur.com/O46UNix
Actually it is incorrect. Source - Zane Tackett (Director of Community and Product Development at Bitfinex): https://np.reddit.com/r/BitcoinMarkets/comments/4vtv1m/bitfi...
I think you are probably right, the CFTC is not going to mandate a specific technical approach. Still, an exchange could very well make a poor choice in an attempt to comply with regs whose intent is focused on something very different from the risks of wallet theft.
This reminds me of when Mt. Gox was hacked and it was later found out that US Homeland Security officers (who were undercover) stole coins and laundered them through another exchange. Seems like someone in the CFTC wanted some coins for themselves..
> My question is why do you need any bitcoins at all in hot storage?

In the Bitfinex case essentially all bitcoins were in hot storage. Why they switched to that system I don't know. Perhaps they were convinced by BitGo marketing brochures that this would be more secure. Or, they were forced to do that by regulators.

In the general (not Bitfinex) case, you need hot storage in order to process withdrawals quickly. No one is going to use a cryptocurrency exchange which makes you wait 24h to withdraw, this is unacceptable in such dynamic markets.

You're making too much sense to work in cryptocurrency.
Bitfinex had inadequate security, that much is now proven. But more problematic, there is no such thing as provably adequate security for holding other people's private wallet keys. Any flaw in the process of generating or storing the keys is essentially the mother of all bug bounties. That is why over time, I hope that a decentralized method of exchanging digital assets will be used more widely.
Does bitfinex have any legal responsibility to its customers? What are the U.S. laws (if any) surrounding the theft of bitcoins?
Most of what happens next depends on how they were organized and registered.

The obvious next step is that Bitfinex will have to file for bankruptcy protection. Whether people get their cash balances / other crypto / etc. back or some proportion of the remaining assets will be up to the bankruptcy trustee. The trustee will follow the law but I don't know if they were properly registered, aka where depositers fall on the list or whether any of the assets would be considered secured.

they would only need to file for bankruptcy protection if they could not cover the loss from their own funds.

Right now with the price falling that could be an easier proposition tomorrow or next week.

They likely also have insurance that may cover some or all of the loss.
From the article (emphasis mine):

> While trading was halted in all digital currencies, including ethereum, the exchange said losses were limited only to bitcoin. It also said U.S. dollar deposits were not impacted.

As someone standing on the crypto currency sidelines with a bag of popcorn, I feel like this movie has gone from cyber punk drama to a played out comedy where you already know all the jokes and punchlines.

Every time a company attempts any form of "hot" storage for Bitcoin this seems to happen. At this point, I'm convinced it's only a matter of "when" not "if" for anybody else doing it. People keep trying to find an intersection between security and convenience but the lines are parallel!

So how does Coinbase do it?
Coinbase uses cold storage. They have some reserves in hot storage, but presumably less funds accessable makes them a smaller target. Correct me if I'm wrong, but I believe they are able to pull this off because they aren't technically an exchange. Coinbase Exchange may be all in hot storage, but they provide a seamless way to transmit your exchange reserves to a cold storage backed wallet.
Real world banks get robbed every day. As long as the hot wallet is a small enough portion of the total funds (unfortunately not what happened here) it'll just be an occasional cost of doing business.
Real world banks are backed by the federal government, both in terms of the FDIC, and the FBI and broader DOJ. Robbing a bank is a federal offense, and that is frankly why "big heists" tends to be such great fiction. Mostly.
I'm pretty sure that stealing hundreds of thousands of dollars worth of a "thing", regardless of what that "thing" is, is a federal offense thanks to CFAA, if nothing else.
It depends. By design (for plausible deniability) the key is not a password, it's a mathematical fact which can be independently discovered.

If you generated weak keys then it's not theft for me to guess/calculate them and allocate those coins to myself.

This is why BTC is described as proving the strength of hash functions, etc. If it was easy to cheat, someone would claim the public bug bounty by giving themselves all the coins. Because they haven't, we have a fairly good minimum bound on the difficulty.

> If it was easy to cheat, someone would claim the public bug bounty by giving themselves all the coins.

But giving yourself all the coins means demonstrates that the system doesn't work conclusively, and guarantees that no one will accept the coins for goods and services, so while giving yourself "all the coins" destroys a lot of value, it doesn't actually capture any value. So, if you wanted to profit from an exploit you developed, you would not do that (if you wanted to discredit bitcoin and had developed the exploit, you would do that.)

Right, they'd trickle them in to keep it secret. But that doesn't change the bug-bounty nature.
It changes the (paraphrased) "we can tell its secure because no one has visibly compromised for profit it the way they would if they could" nature you suggested uphtread, because, for profit, you would avoid visibly compromising it.
The attempt to rob a bank, even a failed attempt as most are = federal prison. You don't need to steal hundreds of thousands of dollars from a bank for it to become a federal case, which was my original point.
(comment deleted)
a typical bank robbery is very small (around $3-5k) and the perp usually gets caught. bitcoin robberies tend to be much much bigger and nothing can be done.
The price has rebounded quite a bit. This is different from the largest exchange hack in BTC history (2014 - MtGox) because now the exchange volume is much more distributed. I think this is a reflection of the increased robustness of the bitcoin economy in whole.

Pre Hack: $600 Low Point Post Hack: $465 Currently: $560

probably going back to $600 soon ,these selloffs are always temporary
Interesting: the thief is currently attempting to launder a fraction (1000 BTC, worth ~$550k) through a giveaway:

https://www.reddit.com/r/Bitcoin/comments/4vykkr/1000_btc_gi...

https://bitcointalk.org/index.php?topic=1574127.0

He is sending the coins as we speak: https://blockchain.info/address/1BfxSuxJqXuizBbTcP238JZY9DT4...

As a contingency, to plan for his possible arrest/death/etc, he signed a NLOCKTIME transaction that would automatically destroy these 1000 BTC in a week if no action is taken.

His handle "rekcahxfb" spells "bfxhacker" in reverse. No plans yet on what he will do with the remaining 118 500 BTC.

Just curious, how is he laundering them? Wouldn't he need to get clean bitcoin back in return?
The idea, I think, would be the analog of throwing thousands of dollars from a bank robbery into the street. The stolen bills can be identified by their serial numbers, but if law enforcement tries to crack down every time they see one of those bills pop up, the actual thief will be buried in the noise.

In Bitcoin land this is both more feasible and more complex at the same time -- it's very easy for a poorly planned version of this to make the thief no harder to identify, and even a well-executed version requires vigilance in the future to avoid betraying the identity of the thief vs. the identity of one of the giveaway recipients.

Presumably he will send some/all of the coins to himself (plausible deniability).

Or maybe, you are right, he is not directly attempting to launder, but just "creating noise" in the block chain to make it hard for investigators to trace the stolen coins.

How is this 'laundering'? Laundering is putting dirty money into some system and getting clean money back. This appears to be just giving some bitcoins away and getting nothing back. Forgive me if I'm misunderstanding something.

[edit: okay, paulcole just beat me to the punch.]

I don't understand why every hacker tries to come up with a novel way of laundering bitcoins or tries to launder them all at once.

Is there something urgent they need to spend thousands of bitcoins on right now that they can't just launder a hundred bitcoins a day through tumblers over the next few years?

You're assuming that they have a vested interest in holding their Bitcoins for some greater good.
I don't know how you came to that conclusion.

My assumption is that they're selfish assholes who want to successfully launder stolen Bitcoins. Holding on to Bitcoins and laundering them through tumblers gradually would allow them to do that. But it seems like every time a thief steals a large amount of Bitcoin, they try to put it through a tumbler all at once or come up with some other scheme that doesn't work to launder it all at once.

This is the perfect crime. IN a about a few months the heat will wear off and the thief or thieves can gradually convert the coins into cash or just store them in 1000s of wallets for later use
In the long run, I think this is good for Bitcoin. It's supposed to be a decentralized currency. Centralizing Bitcoin in an exchange makes the exchange a big target. This disincentivizes centralization and limits how much centralization can actually happen when people are foolish enough to try.

For individuals who lose Bitcoin because of exchanges getting hacked, it's because they leave Bitcoin in the exchange. This is antithetical to how Bitcoin is intended to be used. The answer is, don't do that. Make cold storage paper wallets and keep your Bitcoin there.

> this is good for Bitcoin ... The answer is, don't do that ... Make cold storage paper wallets and keep your Bitcoin there.

Only in bitcoin land is theft considered good for the ecosystem.

Only in bitcoin land does it make sense to blame laypeople for storing their money with financial institutions.

Only in bitcoin land is it a best practice to secure your money using a password written on a piece of paper.

Only in bitcoin land is it reasonable to expect consumers to do a better job of keeping their money secure than corporations with on staff security experts.

> Only in bitcoin land does it make sense to blame laypeople for storing their money with financial institutions.

Uh, yeah. That's the entire point of Bitcoin.

> Only in bitcoin land is it a best practice to secure your money using a password written on a piece of paper.

God no, at least not a password intended for human consumption. That's not what a cold wallet should be. It should be a key.

> Only in bitcoin land is it reasonable to expect consumers to do a better job of keeping their money secure than corporations with on staff security experts.

No, non-expert consumers should be using off-the-shelf security solutions made by a staff of security experts that they can use locally (i.e. physical Bitcoin wallets). It's just that not many people are working on that stuff, because most of the companies making Bitcoin stuff are catering to speculators trying to get rich quick.

There are a lot of really smart people working on creating centralized Bitcoin solutions, but frankly, that's just a bad idea, as evidenced by almost every centralized Bitcoin solution having been hacked at least once. A centralized system has too wide an attack surface and too high an incentive for attackers, and defeats most of the benefits of Bitcoin anyway.

Sure, it makes Bitcoin a poor choice for speculators looking to get rich quick, but I don't care in the least. They're outsiders who don't understand the tool and aren't on board with the philosophy of why Bitcoin is important.

If you don't understand decentralization and you try to be in Bitcoin, you're going to have a bad time.

> Uh, yeah. That's the entire point of Bitcoin.

The entire point of bitcoin is to avoid financial institutions? That sounds like a pretty big disadvantage compared to other forms of money that work well with financial institutions.

> That's not what a cold wallet should be. It should be a key.

A distinction without a difference as far as it relates to having all your money stolen.

> Sure, it makes Bitcoin a poor choice for speculators looking to get rich quick

It makes bitcoin a poor choice for the general population since most people fall into the category of "outsiders who don't understand the tool and aren't on board with the philosophy of why Bitcoin is important"

> The entire point of bitcoin is to avoid financial institutions? That sounds like a pretty big disadvantage compared to other forms of money that work well with financial institutions.

It is a huge disadvantage for some purposes, but there are plenty of advantages to avoiding financial institutions.

If you want to work with financial institutions, there are plenty of ways to do that already. Go get a savings account or a mutual fund; it's not complicated.

If you want to transfer money at low fees across national boundaries, or make your money harder for governments to seize, or make your money anonymous, Bitcoin can do those things better than other financial vehicles. And that's because it's not tied in with financial institutions.

> A distinction without a difference as far as it relates to having all your money stolen.

It's a huge difference. Humans are notoriously bad at creating secure passwords. A SPRNG-generated key is far more secure.

> It makes bitcoin a poor choice for the general population since most people fall into the category of "outsiders who don't understand the tool and aren't on board with the philosophy of why Bitcoin is important"

True. The same can be said of almost any investment vehicle--most people have very little understanding of most investment vehicles. I'd also say that for example futures and options are much harder to leverage well than Bitcoin. That doesn't mean they aren't useful, it means you have to know what you're doing to use them.

As Warren Buffet said, "Don't invest in things you don't understand."

I have no problem with people investing in Bitcoin purely for speculation to make money, but I'm also not going to cry if they make a bad investment because they can't be arsed to understand what they're investing in. I wouldn't invest in mining futures because I don't know how to leverage mining futures, and they shouldn't invest in decentralized currencies if they don't understand the implications of decentralization.

If you keep your money in an exchange, you're gonna have a bad time. Lots of people (myself included) were saying this before even the Mt. Gox stuff happened, so it's not like this isn't predictable.