Slightly off topic, but there's a lovely little novel called "The Cryptographer" about an electronic currency set up by a man called "John Law" that runs in parallel to hard currencies (in the book it's referred to as 'soft').
From WP: "John Law was a Scottish economist who believed that money was only a means of exchange that did not constitute wealth in itself and that national wealth depended on trade".
Note that there are at least two people involved (excluding Mt Gox): a hacker that managed to gain access to a large amount of bitcoins and started selling them all, and a person that profited of the low price by placing a large buy order at 1.01¢ per coin (so as to outbid sellers at 1¢ but still pay a very low price).
Kevin/toasty admitted to be the buyer, but he is not the hacker (at least, he claims he isn't and Mt Gox seems to agree). The article suggests that these two parties were either the same person or were at least in collusion, but there is no proof of that whatsoever.
Doesn't it make more sense for them to tell both sides and not take a stance? They're journalists--it's not their business to take sides if there is true cause for controversy.
Although it's a 'random forum post' it's hardly anonymous. The guy's full name (and I think address) turned up in the thread. The idea that something is 'just a random forum post' is usually because the poster is at least pseudo-anonymous if not fully anonymous.
He also questioned the fundamental workings of the currency, saying that its emphasis on anonymity and decentralised nature meant there was little recourse for users when things go wrong
In Bitcoins all the transactions are publicly logged (by design - it's the public nodes that actually perform and verify the transaction), so you can do the same.
Bitcoins are less anonymous than cash, since all transactions are visible. Anonymous identities may be inferred from known identities in a step-by-step process.
"The system has proved popular with online criminals"
Citation needed. Are there any stats on where BitCoin are being spent? Everybody says BitCoin could be useful for criminals, but how big is the adoption so far? How much business did Silk Road generate?
There was a comment on the Silk Road forums (in the context of replying to someone wondering whether buying from a seller with 0 reviews was very risky or not) to the effect that the Gawker article had caused SR to jump from a few hundred accounts to over 9000.
A decent number, granted, but likely most of them have not engaged in any transactions and never will. On the other hand, another poster mentioned that there is another Bitcoin+Tor market site by the name of BlackMarket (or something), so SR is only part of the picture.
How much do federal/local cops actually steal in drug money each year? Silk Road is a worldwide thing too so it would really have to be compared to the millions that corrupt forces in Mexico and all over the world make each year using the anonymous money system.
I think people need to reevaluate who the criminals really are.
I really wonder who is the person whose coins were being sold off. I mean, that's the real story here: somebody had many tens of thousands of BTC that were stolen from his MtGox account and were sold off at a very low price. (The story that people were buying BTC at very low prices is a distraction, the real story is that somebody was SELLING at this low price.)
The other thing is that MtGox did not suspend trading once market moved 20%. I think if it had such failsafe it could have prevented this fiasco. (Should shut down the marketplace once market moves 20% in any direction to reassess the situation and check if there is technical error or panic, or similar event that requires additional intervention. Any mature market requires such failsafe.)
Not a panic in itself is the problem. But as the grantparent mentions, there might be a technical issue (such as a hack, in this case) if such an irrational thing happens.
Safest action in that case is to halt the market temporarily (as well as delay withdraws) and investigate.
Circuit breakers give the exchange a chance to cool off and think things over. It isn't really intervention. It's just a halt to trades and they could take their BTC to Tradehill if they really feel like selling. Bitcoin fans like to pretend that all aspects of it should be unregulated, but when you take a decentralized currency and then place it in a centralized exchange, that mentality is no longer applicable and you have to deal with it like any other traded commodity. This includes security measures and circuit breakers on the exchanges.
In this case circuit breakers were not needed...it crashed down to .01 and was on its way to recovering (back up to $14) within minutes before the exchange was shut down...all this situation did for me was steel my resolve that it can handle a 2% market selloff at virtually zero.
I was in the forums and watching the Mt.Gox ticker while the "crash" happened.
If it wasn't a stolen balance then I would agree with you. A massive sell-off of BTC could've happened at any time. But in terms of self-preservation it would've been in MtGox's best interest to have a circuit breaker. I'm contradicting myself a little here, but I've been having a lot of cognitive dissonance over Bitcoin anyway :)
Exactly...had it been a real selloff by some crazy early adopter the market would have absorbed it and recovered. Circuit breakers prevent mass panic sells...I guess a lot of those panic sells were prevented by server load (inability to log in fast enough).
I doubt the real stock market could take something like what happened without serious issues remember 500k/~6M were exchanged in a matter of minutes at a rate that was obviously far below market value.
I personally doubt Mt.Gox had any bad intentions and I personally do not think they are lying now...but then again I had no money in the exchange at the time. Also, I am aware Mt.Gox is (was) the biggest exchange out there but there are many others...they are not the only fish...just the biggest, for some reason news articles typically imply they were the only option for BTC exchange.
If Bitcoin failed tomorrow I would still be glad to have been a part of it, history is being made as we speak...even if history just writes it off as a failure.
The amount sold was over 500000 BTC - more that all estimated deposits on MtGox. The likely explanation is that these were just virtual BTCs added through SQL injection. The alternatives are that a single person was keeping that much on an exchange rumored to be insecure and used insecure password (easily cracked from leaked md5 hashes), or the person decided to sell half his BTC for $0.01 - an extra $2500 in addition to hundred thousands.
The nature of Bitcoin is supposed to prevent things like fractional reserve banking, since the nature of the system means you can't give people BTC you don't have. It's impossible to create bitcoins in any other way except mining.
However, if people are making BTC transactions through a centralized exchange such as Mt. Gox, they are in effect moving numbers around in MtGox's database rather than actually transferring bitcoin. This means banks are able to effectively create BTC as they can with fiat currencies, leading to problems like the current case - problems that Bitcoin was designed to solve.
How would MtGox effectively "create BTC"? There is a difference between moving coins around in a database and creating new coins. All coins are deposited from users. The only way BTC would be "created" in MtGox is if MtGox was mining on their own. Coins need to be "mined" to be created - so MtGox couldn't even loan coins they didn't have.
MtGox could effectively "create" BTC by simply selling more than they actually had. This would of course only work as long as people were actually withdrawing less than MtGox had available to them. Until you attempt to withdraw the BTC from the exchange, you wouldn't necessarily actually know that they in fact exist.
The flaw here is there is typically more BTC sellers than buyers due to mining/dark pool. That combined with BlockExplorer tracking makes it pretty much impossible. Unless you are seeing something I am not.
I guess your theory will be tested when a large majority pulls their money from Mt.Gox...that is if that happens...we will all know in the next few days.
BlockExplorer won't help you in this hypothetical case because as I understand it MtGox doesn't even pretend to preform actual BTC transactions until you withdraw. Before you withdraw your "BTC" are only numbers in MtGox's internal system. They could be selling you additional of these numbers without having the actual BTC behind them available.
Anyway, I'm not saying they have sold more than they actually have, just that it is a technical possibility.
MtGox is a bank. When you put money in a real bank, it doesn't go into a box labeled "alttab's money", it goes in a box labeled "everybody's money" and there's a piece of paper called "alttab's account" with a number on it. When the bank robbers come, they take the box with money in it, but they don't take the piece of paper. Then when you try to withdraw your money, the bank manager opens the box of money and says "oops."
Indeed, if people would keep the money inside the exchange all the time, they would be able to artificially create more bitcoins in their system without being noticed.
In case all people would try to take all their money out, the exchange would be left with a deficit of money, practically not being able to return it to their users.
In anyway, it would be risky for an exchange to create more money than they actually have. For users, it would be best to keep as little money for as little time possible in exchanges, thats the whole point of bitcoin.
Any bitcoin in/out of Mt.Gox has to be verified by the network...a "fake" bitcoin would never get out and it would not benefit Mt.Gox to transfer fake BTC around internally.
A bitcoin cannot be counterfeited easily...hence the beauty of the system.
People can claim that there was never 500k bitcoin in Mt.Gox but the fact still remains there was a transfer of 500k just days before this incident that was discussed as possibly being Mt.Gox moving their internal wallet around.
Now if someone controlled over 50% of the network hashing capability that would be a different story...possibly they could inject false info or something like that (I admit I know very little about this part, just briefly reviewed it enough to know its bad) but that's why you see postings in the forums telling people to switch "guilds" to spread things out. Deepbit approached 50% last month and there was a mass exodus. Most of the people involved in this know the risks and work very hard to self regulate.
My point exactly. I guess my explanation is lacking, but what I meant when I said that the exchange would be left with a deficit in bitcoins, is that they would not be able to create more "real" bitcoins, than there were initially deposited by its users. It's a zero sum game(if you ignore the fees).
But, that does not mean that MtGox could not create "fake" bitcoins inside their system, and extract their value by selling real bitcoins from the bitcoin pool that the users contributed to. For such a thing to pass under the radar, MtGox would need to keep enough real bitcoins in the system to satisfy the bitcoin liquidity the exchange needs. That would not qualify that much as an exchange anymore, but it would be more similar to a ponzi scheme.
No, you're missing the point. Mt. Gox is not publishing the transactions that occur inside their exchange to the blockchain; they are tracking them themselves. All the bitcoins deposited at Mt. Gox are in one big wallet. Only when a user deposits or withdraws coins does a transaction get posted to the blockchain. (I'm not 100% sure of this, admittedly, but I've seen no evidence to the contrary and lots of indirect evidence that supports it.)
So what could happen, as the result of bugs in their code, or of an attack, or (hypothetically) of deliberate fraud on their part, is that the total BTC balance of all account holders could become greater than the total BTC they have in their wallet. As the above posters noted, this would have the effect of creating BTC; no one outside the exchange would be able to tell that it had occurred until someone tried to withdraw their BTC and found it wasn't there.
Now what they could do is make a separate wallet for each user and post all trades to the blockchain. This would perhaps be more in the spirit of Bitcoin as it would prevent the totals from getting out of whack. But as I say, I'm pretty sure they're not doing that -- for one thing, if they were, rolling back trades, as they have recently done, would be impossible. (And although I was not involved in this 500k selloff, on either side, I think they have to roll it back to preserve any hope of Bitcoin being taken seriously.)
I assure you I get that point...I just doubt it...and I believe it could be easily figured out. Just a lot of speculation that this is actually happening...its funny how they can be criticized for not having their site secure enough and for not "rushing" to get it back up at the exact same time.
So far there has been no evidence that Mt.Gox did anything except get hacked...even Tradehill was using the same encryption that Mt.Gox was until the hack...everyone upgraded after the incident.
Source? I hope you're not quoting the guy from the "I'm the one who bought them" forum thread who accidentally add all numbers including dates to determine how many BTC were traded. He was almost instantly debunked.
Bitcoin will recover, but right now it is going through a liquidity crisis:
Only a small percentage of BTC users were using Tradehill, a competitive BTC exchange. People have rushed to create accounts there, however it takes a few days to transfer money in, so right now there are more sellers than buyers, causing prices to go lower. In addition, apparently some people have their money tied up in unreachable MtGox accounts so are unable to trade.
MtGox has some serious issues to deal with. Finally yesterday, on the 3rd day after the exchange was brought down, they instituted an account recovery page, where you can provide information about your account and try to prove it is yours. Their support people are manually reviewing account information and will give you access when they feel you have sufficiently verified the info.
It looks very fishy, like MtGox is intentionally delaying access to people's accounts in order to prevent a run on the exchange. We don't know exactly how much money or coins were actually stolen from MtGox, but it is entirely possible that someone figured out a way to transfer a large amount of coins or real currency out of there. It might be possible that MtGox cannot make all investors whole again, so they are reenabling accounts just a few at a time and hoping that not everyone withdraws their funds at once.
Personally, I never kept a balance of either USD or BTC in MtGox. Their site looked too amateur to trust with money. I would sell my coins and transfer them to Dwolla immediately. Right now, all of the exchanges look sketchy. I would not trust a single VPS running MySQL at all with what could be millions of dollars.
Interesting article. While it is entirely possible to do this, professional traders will soon move in and arbitrage any price differences between exchanges.
As competition increases, amateur exchanges that manipulate the price will suffer the consequences, for example, overpaying on the buy side because they've artificially inflated the price. Or traders will just move to another exchange if the spread is too high between bid and ask.
The delay with getting your money into/out of bitcoin is too long to allow for that kind of arbitrage. The exchange owner could easily get away with the described practices.
You just need an account with some liquidity on every exchange. You could automate an HFT bot that executes a buy order on one exchange and a sell order on the other simultaneously.
It looks very fishy, like MtGox is intentionally delaying access to people's accounts in order to prevent a run on the exchange.
Such a move, if it is what Mt Gox is doing, is completely legitimate. If they are indeed bankrupt, then an orderly winding down is fairer; if they could recover their business, then this avoids needless value destruction.
This is one of the most balanced coverage of the Bitcoin issue I have seen. "The system has proved popular with online criminals, keen to keep their financial transactions secret, although it has a wider, legitimate, user base." Nicely researched. Kudos to the BBC team. Shows why BBC is still the trusted source for many of us.
I'm also surprised that bitcoin is being covered in such a mainstream news source - I was under the impression that it was still only of interest to the techy early adopter crowd.
I had the opposite reaction. I thought it was poorly-researched, esp. in that it parroted MtGox's explanation for the compromise. I don't think the BBC should be so quick to accept that story, given this information: http://news.ycombinator.com/item?id=2676263
They are quoting an official statement from Mt Gox. Its not like they are accepting this line. But if there is somebody they can quote, its Mt. Gox, not somebody who claims something on a forum. In any case, not mentioning 'toasty' is not really relevant.
61 comments
[ 2.4 ms ] story [ 132 ms ] threadhttp://www.amazon.co.uk/Cryptographer-Tobias-Hill/dp/0571218...
Also used as a pseudonym by Mencius Moldbug for his classic piece on gold: http://www.safehaven.com/article/5205/why-the-global-financi...
Kevin/toasty admitted to be the buyer, but he is not the hacker (at least, he claims he isn't and Mt Gox seems to agree). The article suggests that these two parties were either the same person or were at least in collusion, but there is no proof of that whatsoever.
There is no independent proof of Mt.Gox's claim either is there?
Compared to an official line from a company or government, it's pretty shaky.
The truth is, nobody knows where BitCoin is heading. It is still in it's infancy and Gavin, the lead dev, always describes it as an experiment.
He also questioned the fundamental workings of the currency, saying that its emphasis on anonymity and decentralised nature meant there was little recourse for users when things go wrong
So just like... Cash?
See http://blockexplorer.com
Citation needed. Are there any stats on where BitCoin are being spent? Everybody says BitCoin could be useful for criminals, but how big is the adoption so far? How much business did Silk Road generate?
A decent number, granted, but likely most of them have not engaged in any transactions and never will. On the other hand, another poster mentioned that there is another Bitcoin+Tor market site by the name of BlackMarket (or something), so SR is only part of the picture.
I see what you did there.
Seriously people, sometimes 'over 9000' is just a literal statement of truth and not a meme!
How much do federal/local cops actually steal in drug money each year? Silk Road is a worldwide thing too so it would really have to be compared to the millions that corrupt forces in Mexico and all over the world make each year using the anonymous money system.
I think people need to reevaluate who the criminals really are.
The other thing is that MtGox did not suspend trading once market moved 20%. I think if it had such failsafe it could have prevented this fiasco. (Should shut down the marketplace once market moves 20% in any direction to reassess the situation and check if there is technical error or panic, or similar event that requires additional intervention. Any mature market requires such failsafe.)
Safest action in that case is to halt the market temporarily (as well as delay withdraws) and investigate.
I was in the forums and watching the Mt.Gox ticker while the "crash" happened.
I doubt the real stock market could take something like what happened without serious issues remember 500k/~6M were exchanged in a matter of minutes at a rate that was obviously far below market value.
I personally doubt Mt.Gox had any bad intentions and I personally do not think they are lying now...but then again I had no money in the exchange at the time. Also, I am aware Mt.Gox is (was) the biggest exchange out there but there are many others...they are not the only fish...just the biggest, for some reason news articles typically imply they were the only option for BTC exchange.
If Bitcoin failed tomorrow I would still be glad to have been a part of it, history is being made as we speak...even if history just writes it off as a failure.
The nature of Bitcoin is supposed to prevent things like fractional reserve banking, since the nature of the system means you can't give people BTC you don't have. It's impossible to create bitcoins in any other way except mining.
However, if people are making BTC transactions through a centralized exchange such as Mt. Gox, they are in effect moving numbers around in MtGox's database rather than actually transferring bitcoin. This means banks are able to effectively create BTC as they can with fiat currencies, leading to problems like the current case - problems that Bitcoin was designed to solve.
I guess your theory will be tested when a large majority pulls their money from Mt.Gox...that is if that happens...we will all know in the next few days.
Anyway, I'm not saying they have sold more than they actually have, just that it is a technical possibility.
In case all people would try to take all their money out, the exchange would be left with a deficit of money, practically not being able to return it to their users.
In anyway, it would be risky for an exchange to create more money than they actually have. For users, it would be best to keep as little money for as little time possible in exchanges, thats the whole point of bitcoin.
http://blockexplorer.com/
You can see any and all transactions.
Any bitcoin in/out of Mt.Gox has to be verified by the network...a "fake" bitcoin would never get out and it would not benefit Mt.Gox to transfer fake BTC around internally.
A bitcoin cannot be counterfeited easily...hence the beauty of the system.
People can claim that there was never 500k bitcoin in Mt.Gox but the fact still remains there was a transfer of 500k just days before this incident that was discussed as possibly being Mt.Gox moving their internal wallet around.
Now if someone controlled over 50% of the network hashing capability that would be a different story...possibly they could inject false info or something like that (I admit I know very little about this part, just briefly reviewed it enough to know its bad) but that's why you see postings in the forums telling people to switch "guilds" to spread things out. Deepbit approached 50% last month and there was a mass exodus. Most of the people involved in this know the risks and work very hard to self regulate.
But, that does not mean that MtGox could not create "fake" bitcoins inside their system, and extract their value by selling real bitcoins from the bitcoin pool that the users contributed to. For such a thing to pass under the radar, MtGox would need to keep enough real bitcoins in the system to satisfy the bitcoin liquidity the exchange needs. That would not qualify that much as an exchange anymore, but it would be more similar to a ponzi scheme.
So what could happen, as the result of bugs in their code, or of an attack, or (hypothetically) of deliberate fraud on their part, is that the total BTC balance of all account holders could become greater than the total BTC they have in their wallet. As the above posters noted, this would have the effect of creating BTC; no one outside the exchange would be able to tell that it had occurred until someone tried to withdraw their BTC and found it wasn't there.
Now what they could do is make a separate wallet for each user and post all trades to the blockchain. This would perhaps be more in the spirit of Bitcoin as it would prevent the totals from getting out of whack. But as I say, I'm pretty sure they're not doing that -- for one thing, if they were, rolling back trades, as they have recently done, would be impossible. (And although I was not involved in this 500k selloff, on either side, I think they have to roll it back to preserve any hope of Bitcoin being taken seriously.)
So far there has been no evidence that Mt.Gox did anything except get hacked...even Tradehill was using the same encryption that Mt.Gox was until the hack...everyone upgraded after the incident.
Source? I hope you're not quoting the guy from the "I'm the one who bought them" forum thread who accidentally add all numbers including dates to determine how many BTC were traded. He was almost instantly debunked.
500KBTC is a pretty solid number, or at least, it's as solid as anything else that the public's been told.
Only a small percentage of BTC users were using Tradehill, a competitive BTC exchange. People have rushed to create accounts there, however it takes a few days to transfer money in, so right now there are more sellers than buyers, causing prices to go lower. In addition, apparently some people have their money tied up in unreachable MtGox accounts so are unable to trade.
MtGox has some serious issues to deal with. Finally yesterday, on the 3rd day after the exchange was brought down, they instituted an account recovery page, where you can provide information about your account and try to prove it is yours. Their support people are manually reviewing account information and will give you access when they feel you have sufficiently verified the info.
It looks very fishy, like MtGox is intentionally delaying access to people's accounts in order to prevent a run on the exchange. We don't know exactly how much money or coins were actually stolen from MtGox, but it is entirely possible that someone figured out a way to transfer a large amount of coins or real currency out of there. It might be possible that MtGox cannot make all investors whole again, so they are reenabling accounts just a few at a time and hoping that not everyone withdraws their funds at once.
Personally, I never kept a balance of either USD or BTC in MtGox. Their site looked too amateur to trust with money. I would sell my coins and transfer them to Dwolla immediately. Right now, all of the exchanges look sketchy. I would not trust a single VPS running MySQL at all with what could be millions of dollars.
As competition increases, amateur exchanges that manipulate the price will suffer the consequences, for example, overpaying on the buy side because they've artificially inflated the price. Or traders will just move to another exchange if the spread is too high between bid and ask.
Such a move, if it is what Mt Gox is doing, is completely legitimate. If they are indeed bankrupt, then an orderly winding down is fairer; if they could recover their business, then this avoids needless value destruction.
Lots of other websites mention it every other day, yet this crash was probably the first major event for the technology.