Though bitcoin exchanges being hacked seem common, it sounds like this one did a good job with layered security.
Though we don't know what the damages total is yet, at least it isn't a complete loss.
Maybe the post was edited, but I see "Although this incident is unfortunate, its scale is small and will be fully absorbed by the company." there currently. Hopefully it's true.
95% of the BTC aren't online, by their admission, which means 95% of the BTC might not even bet there. They could be using a 5% fractional reserve banking method and we wouldn't know unless everyone withdraws for a few days or so.
Verifying whether someone has bitcoins or not is trivial - all they have to do is sign a message with the wallet's private key. That functionality is included in the standard wallet software.
What do you mean by "fractional reserve"? I get the impression that the Bitcoin world means something different by that term than the banking world.
Edit: I think some people are confusing fractional reserve (where reserves are less than deposits due to loans) with insolvency (where assets are less than liabilities). MtGox's problem was insolvency, not fractional reserve.
The fact that people can be saying encouraging things about the technical design or security of Bitfinex should tell you a lot about how seriously to take message boards on this topic.
Bitfinex was, according to reports I've read, derived from the source code for Bitcoinica, which was an exchange written by a 17 year old most famous for its spectacular security failures.
My comment was without any kind of adjudication about the hot wallet breach itself, just a friendly reminder that there's a lesson hidden here: situations where something "shouldn't ever happen" need to be considered in the context of our systems and businesses. It isn't a panacea but while $332k is a lot of money, $66.4M is a lot more.
They should have stopped using that hot wallet immediately as soon as transfers not authorized by them happened. They detected that manually after a few hours, not automatically. There's still much to be improved in terms of security in Bitcoin exchanges.
The guardian story earlier this week that talked about the NASDAQ using colored coins to represent ownership of financial assets seems like a pretty terrible idea when framed in the context of inevitable bitcoin theft. In this case, the hot wallet strategy minimized the financial damage incurred by the institution, but even this relatively small amount of bitcoin could have been a devastating loss if the coins had represented valuable NASDAQ financial assets.
Not 100% certain on what their proposed colored coin protocol is, but any instrument that's not a block chain currency itself can simply be detached from the colored coin in case of fraud.
I.E.: If you steal a colored coin linked to 5000 shares of Apple stock registered at a certain broker, then that broker might be informed that the colored coin was stolen, and then simply refuse to act out any transaction on the authority of the colored coin. NASDAQ, authorities and the broker can figure out amongst themselves what should happen to the 5000 shares of Apple stock represented by the colored coin. I imagine they'll simply fabricate a new colored coin and issue that to whoever lost the previous coin.
It's important to note that because Bitcoin is a public ledger, it is trivial to tag and subsequently identify stolen colored coins. This tracability is probably exactly what makes NASDAQ interested in Bitcoin as a tool for financial transactions.
What is the point of using bitcoin at all if a central authority is capable of rescinding the value of the coins at their discretion? The NASDAQ might as well skip the overhead of a global decentralized ledger and simply use a centralized system that they have complete control over.
This seems like it would be prone to abuse. What is the advantage of transacting outside the purview of the central authority while still being subject to the prerogatives of the central authority? If I strike a deal with someone behind closed doors, then that person later claims that I actually stole from them, I have to trust that the central authority will make the right decision regarding the nature of the transaction, otherwise I may end up getting retroactively screwed in the deal. The reverse is also a concern; someone could steal your coins, then claim that you're only filing a grievance because now you regret the deal. All this does is give the central authority less information from which to draw an accurate conclusion.
Similar schemes have been discussed for stolen bitcoins, as well -- tagging them as stolen and then trying to get all parties/clients/exchanges to reject them.
Re: it is trivial to tag and subsequently identify stolen colored coins -
How does this work once the coins have entered a common wallet? Say I'm running a business, and someone pays me a stolen 1BTC for something and it goes into a wallet that already has 50BTC in it. There's now no difference between the 50 already in there and the 1 stolen.
The way I understand it, the coins themselves are not traceable, the transactions are.
As far as I understand it is that it's the transactions that carry the value, not the coins. So the fact that you have an incoming transaction for a colored coin, and not an outgoing one means you still own it. How many BTC is transferred in the transaction is irrelevant (which is why they use 1 Satoshi as an example). Finding out if a colored coin is valid means simply walking the block chain until you find an origin you consider authoritative.
The DEF->ABC transaction is tagged with C1. And the ABC->XYZ transaction is also tagged with C1. XYZ should look at ABC's history and see if he ever had an incoming transaction with C1, and then check DEF and see if he had an incoming transaction with C1, etc..
There's probably a fancy scheme to make this checking of colored coins in the blockchain easier, I'm not familiar enough with colored coins to know for sure.
Since BTC is divisible to any limits and any amount of it could be controlling any amount of smart property.
Colored coins, Open Assets etc are all just fancy names. What we are basically doing is declaring that a bitcoin address X is now associated to some asset A, say a car. Whoever holds the private keys to X owns A. If all the money in X goes to Y then Y is the new owner.
- Nothing is binding you to hold your declaration or even check if your declaration is valid, but the central lawmakers. Me and you could both be claiming to own the same A, who is to decide? The law.
- Only digital assets can have some inbuilt mechanism that ensure that indeed A owns the private keys to X.
We already knew we could save messages in a transaction.
I think NASDAQ realizes this joke and thus jumped on it, why not, because the dispute resolution is still central authority and not an algorithm with inbuilt monetary punishment.
That's only fully realized if all customers pull out funds. If they're operating a fractional reserve, that's just a statement, nothing more. (There's zero reason why every exchange can't prove they're 100% funded on a regular basis)
But even if you trust that (just think that they could borrow the money or convert usd to btc specifically for the audit), it's only the BTC part. They have tons of USD deposited too, there's no proof for that.
So there's no definitive proof that any exchange holds all the value it owes to its depositors.
48 comments
[ 2.8 ms ] story [ 104 ms ] threadAt least it's their first time. Others are hacked on a semi-annual basis.
1581 BTC currently, or around $370,000.
Cold wallets are considered essential for security, though.
Edit: I think some people are confusing fractional reserve (where reserves are less than deposits due to loans) with insolvency (where assets are less than liabilities). MtGox's problem was insolvency, not fractional reserve.
Bitfinex was, according to reports I've read, derived from the source code for Bitcoinica, which was an exchange written by a 17 year old most famous for its spectacular security failures.
They partnered with Alpha Point some time ago. A cursory google search will confirm that.
I.E.: If you steal a colored coin linked to 5000 shares of Apple stock registered at a certain broker, then that broker might be informed that the colored coin was stolen, and then simply refuse to act out any transaction on the authority of the colored coin. NASDAQ, authorities and the broker can figure out amongst themselves what should happen to the 5000 shares of Apple stock represented by the colored coin. I imagine they'll simply fabricate a new colored coin and issue that to whoever lost the previous coin.
It's important to note that because Bitcoin is a public ledger, it is trivial to tag and subsequently identify stolen colored coins. This tracability is probably exactly what makes NASDAQ interested in Bitcoin as a tool for financial transactions.
How does this work once the coins have entered a common wallet? Say I'm running a business, and someone pays me a stolen 1BTC for something and it goes into a wallet that already has 50BTC in it. There's now no difference between the 50 already in there and the 1 stolen.
The way I understand it, the coins themselves are not traceable, the transactions are.
You have a wallet for incoming transactions, checksum "abc".
You recieve two transactions, one from "def" and one from "ghi". You eventually pay wallet "xyz". The blockchain for this transaction looks like this:
How do you (as a third party, or the owner of ABC, or the owner of XYZ) differentiate which of the two transactions the .5BTC are the child of?So:
The DEF->ABC transaction is tagged with C1. And the ABC->XYZ transaction is also tagged with C1. XYZ should look at ABC's history and see if he ever had an incoming transaction with C1, and then check DEF and see if he had an incoming transaction with C1, etc..There's probably a fancy scheme to make this checking of colored coins in the blockchain easier, I'm not familiar enough with colored coins to know for sure.
Colored coins, Open Assets etc are all just fancy names. What we are basically doing is declaring that a bitcoin address X is now associated to some asset A, say a car. Whoever holds the private keys to X owns A. If all the money in X goes to Y then Y is the new owner.
- Nothing is binding you to hold your declaration or even check if your declaration is valid, but the central lawmakers. Me and you could both be claiming to own the same A, who is to decide? The law.
- Only digital assets can have some inbuilt mechanism that ensure that indeed A owns the private keys to X.
We already knew we could save messages in a transaction.
I think NASDAQ realizes this joke and thus jumped on it, why not, because the dispute resolution is still central authority and not an algorithm with inbuilt monetary punishment.
http://www.reddit.com/r/Bitcoin/comments/36uxxz/bitfinex_has...
I also remember this from a few days ago..
http://www.reddit.com/r/BitcoinMarkets/comments/353yu8/bitfi...
But even if you trust that (just think that they could borrow the money or convert usd to btc specifically for the audit), it's only the BTC part. They have tons of USD deposited too, there's no proof for that.
So there's no definitive proof that any exchange holds all the value it owes to its depositors.
So they'll pay with the money they stole themselves? At least they got some publicity out of it.