
Bitcoin Sinks After Hackers Steal $65M from Exchange - ucha
http://www.bloomberg.com/news/articles/2016-08-03/bitcoin-plunges-after-hackers-breach-h-k-exchange-steal-coins
======
chollida1
Can someone who really knows this help fix my ignorance?

How does someone actually steal from an exchange?

As I understand it, most of the funds (80-90+%) are kept in cold storage. Was
the exchange not following this "best practice"? Is this not a best practice?

The way the cash equities markets work is you make a trade to buy or sell
shares and they get delivered in 3 days time. Why does a bitcoin exchange need
to have any bitcoins at all in a wallet accessible to any machine connected to
the internet? Could they not work in a manner like this?

Why not net all trades and do settlement at the end of the day? If people want
to withdraw bitcoins, batch the requests up until the end of the day, and then
you can have a person or software review all requests before they are put into
a hot wallet and sent out.

I've written my fair share of risk systems over the past 15 years. I think I
understand how to manage risk, and delaying transaction settlement is
considered part of risk management. You can trade as fast as you want but the
actual settlement, by design, lags trading to allow for errors to be caught.
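The netting-and-batching scheme asked about above, as an added illustration (not code from Bitfinex or any other exchange). Trades are netted per account, only the net is applied to internal balances, and withdrawals are queued and reviewed against a per-account daily limit and a cap on what may be moved from cold storage into the hot wallet. All account names, balances and limits are constructed sample data.

```python
"""Added illustration (not exchange code) of end-of-day netting plus a batched,
reviewed withdrawal queue. Every account, balance and limit is constructed."""
from collections import defaultdict
from dataclasses import dataclass

SAT = 100_000_000  # satoshis per BTC; integer amounts avoid floating-point error


@dataclass(frozen=True)
class Trade:
    buyer: str
    seller: str
    amount_sat: int


@dataclass(frozen=True)
class WithdrawalRequest:
    account: str
    amount_sat: int


def net_positions(trades):
    """Net every account's buys and sells; only the net moves at settlement."""
    net = defaultdict(int)
    for t in trades:
        net[t.buyer] += t.amount_sat
        net[t.seller] -= t.amount_sat
    return dict(net)


def settle(balances, trades):
    """Apply netted positions to internal balances; nothing touches the chain."""
    settled = dict(balances)
    for account, delta in net_positions(trades).items():
        settled[account] = settled.get(account, 0) + delta
    return settled


def review_withdrawals(requests, balances, per_account_daily_limit, hot_wallet_cap):
    """Decide which queued requests may be funded from the hot wallet.

    Returns (approved, held, total_to_fund). Only total_to_fund has to be moved
    out of cold storage, so online exposure stays bounded by hot_wallet_cap no
    matter how many requests arrive in the batch.
    """
    approved, held = [], []
    per_account = defaultdict(int)  # satoshis already approved today per account
    total_to_fund = 0
    for r in requests:
        already = per_account[r.account]
        if already + r.amount_sat > balances.get(r.account, 0):
            held.append((r, "insufficient balance"))
        elif already + r.amount_sat > per_account_daily_limit:
            held.append((r, "over per-account daily limit"))
        elif total_to_fund + r.amount_sat > hot_wallet_cap:
            held.append((r, "would exceed hot-wallet cap; deferred to next batch"))
        else:
            approved.append(r)
            per_account[r.account] += r.amount_sat
            total_to_fund += r.amount_sat
    return approved, held, total_to_fund


def run_day():
    # Constructed sample data for one trading day.
    balances = {"alice": 2 * SAT, "bob": 3 * SAT, "carol": 1 * SAT, "erin": SAT // 2}
    trades = [
        Trade("alice", "bob", 1 * SAT),
        Trade("bob", "carol", 4 * SAT // 10),
        Trade("carol", "alice", 3 * SAT // 10),
    ]
    requests = [
        WithdrawalRequest("alice", 5 * SAT // 10),
        WithdrawalRequest("bob", 25 * SAT // 10),   # more than bob holds after netting
        WithdrawalRequest("carol", 6 * SAT // 10),
        WithdrawalRequest("dave", 1 * SAT // 10),   # unknown account, no balance
        WithdrawalRequest("alice", 4 * SAT // 10),  # pushes alice over her daily limit
        WithdrawalRequest("erin", 3 * SAT // 10),   # would push the batch over the cap
    ]
    settled = settle(balances, trades)
    approved, held, to_fund = review_withdrawals(
        requests, settled,
        per_account_daily_limit=8 * SAT // 10,
        hot_wallet_cap=12 * SAT // 10,
    )
    return settled, approved, held, to_fund


if __name__ == "__main__":
    settled, approved, held, to_fund = run_day()
    print("settled:", {k: v / SAT for k, v in settled.items()})
    print("approved:", [(r.account, r.amount_sat / SAT) for r in approved])
    print("held:", [(r.account, r.amount_sat / SAT, why) for r, why in held])
    print("move from cold to hot:", to_fund / SAT, "BTC")
```

Held requests are not rejected, only deferred to a later batch or to human review; the point is that the amount sitting in an online wallet is decided by the cap, not by the volume of requests.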

~~~
onestone
Bitfinex used to keep BTC in cold storage, but replaced that system with
segregated multi-sig (2 of 3) wallets for each user account, backed by BitGo.
In that scenario BitGo held one key, and Bitfinex held 2 keys for each account
(one online and one offline). Supposedly BitGo should have enforced some
limits on withdrawals to prevent such events, but for some reason that was
bypassed.
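The key layout described above (two keys held by the exchange, one by a co-signing service that applies withdrawal limits) modelled as a 2-of-3 threshold, as an added example that is not BitGo or Bitfinex code. HMAC stands in for per-key ECDSA signatures so the block runs with the standard library only; names, secrets, accounts and limits are constructed. The third scenario is plain threshold arithmetic, not a claim about how the real withdrawals were made: any party holding enough keys to reach the threshold can spend without the co-signer, so the co-signer's limit is a hard control only against parties that need its key.

```python
"""Added model (not BitGo or Bitfinex code) of a 2-of-3 arrangement where one
key holder enforces a daily limit before co-signing. HMAC replaces ECDSA."""
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass


@dataclass(frozen=True)
class Withdrawal:
    account: str
    amount_sat: int
    destination: str


def digest(tx):
    return json.dumps(asdict(tx), sort_keys=True).encode()


class KeyHolder:
    """One of the three keys; signs whatever it is asked to sign."""

    def __init__(self, name, secret):
        self.name = name
        self._secret = secret

    def sign(self, tx):
        return hmac.new(self._secret, digest(tx), hashlib.sha256).hexdigest()

    def verify(self, tx, sig):
        # Symmetric stand-in for checking an ECDSA signature against a public key.
        expected = hmac.new(self._secret, digest(tx), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, sig)


class LimitingCosigner(KeyHolder):
    """Key holder that refuses to sign once an account exceeds its daily limit."""

    def __init__(self, name, secret, daily_limit_sat):
        super().__init__(name, secret)
        self.daily_limit_sat = daily_limit_sat
        self._spent = {}

    def sign(self, tx):
        used = self._spent.get(tx.account, 0)
        if used + tx.amount_sat > self.daily_limit_sat:
            return None  # policy says no: no signature is produced
        self._spent[tx.account] = used + tx.amount_sat
        return super().sign(tx)


def quorum_met(tx, signatures, holders, threshold=2):
    """Script-level check: enough valid signatures from distinct keys."""
    by_name = {h.name: h for h in holders}
    valid = {
        name for name, sig in signatures.items()
        if sig is not None and name in by_name and by_name[name].verify(tx, sig)
    }
    return len(valid) >= threshold


def collect(tx, signers):
    return {s.name: s.sign(tx) for s in signers}


def run_scenarios():
    online = KeyHolder("exchange-online", b"constructed-secret-1")
    offline = KeyHolder("exchange-offline", b"constructed-secret-2")
    cosigner = LimitingCosigner("cosigner", b"constructed-secret-3", daily_limit_sat=1_000_000)
    holders = [online, offline, cosigner]

    small = Withdrawal("user-42", 500_000, "addr-constructed-a")
    large = Withdrawal("user-42", 5_000_000, "addr-constructed-b")

    return {
        # Normal path: online key plus co-signer, within the limit.
        "small_with_cosigner": quorum_met(small, collect(small, [online, cosigner]), holders),
        # Co-signer refuses the oversized request, so only one signature exists.
        "large_with_cosigner": quorum_met(large, collect(large, [online, cosigner]), holders),
        # Two exchange-held keys alone satisfy 2-of-3; the script never sees the policy.
        "large_exchange_only": quorum_met(large, collect(large, [online, offline]), holders),
    }


if __name__ == "__main__":
    for scenario, ok in run_scenarios().items():
        print(f"{scenario}: {'broadcastable' if ok else 'rejected'}")
```

The design lesson for a defender is that a limit enforced by a co-signer constrains only the signers who cannot reach the threshold without it; if the policy is meant to bind the exchange, the exchange must not hold enough keys to reach the threshold on its own.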

~~~
chollida1
Sure, I think I understand that, and I appreciate your answer.

My question is why do you need any bitcoins at all in hot storage?

What's wrong with netting until the end of the day and then put the required
amount of coins in a hot wallet to do settlement say 24 hours after a trade?

Wouldn't this cooling off period give software and risk managers a chance to
find invalid transactions and keep funds from being stolen out of a hot
wallet?

~~~
zekevermillion
Bitfinex was required by US regulators to switch from cold storage to
segregated per-user wallets. Something to do with margin requirements for
commodities exchanges.

~~~
mrb
Correct. Here is the source: "CFTC Regulation Prevented Bitfinex From Using
Cold Storage" [http://imgur.com/O46UNix](http://imgur.com/O46UNix)

~~~
onestone
Actually it is incorrect. Source - Zane Tackett (Director of Community and
Product Development at Bitfinex):
[https://np.reddit.com/r/BitcoinMarkets/comments/4vtv1m/bitfi...](https://np.reddit.com/r/BitcoinMarkets/comments/4vtv1m/bitfinex_down_due_to_bitcoin_security_breach/d62v468)

~~~
zekevermillion
I think you are probably right, the CFTC is not going to mandate a specific
technical approach. Still, an exchange could very well make a poor choice in
an attempt to comply with regs whose intent is focused on something very
different from the risks of wallet theft.

------
mrb
Interesting: the thief is currently attempting to launder a fraction (1000
BTC, worth ~$550k) through a giveaway:

[https://www.reddit.com/r/Bitcoin/comments/4vykkr/1000_btc_gi...](https://www.reddit.com/r/Bitcoin/comments/4vykkr/1000_btc_giveaway_from_your_friend_rekcahxfb/)

[https://bitcointalk.org/index.php?topic=1574127.0](https://bitcointalk.org/index.php?topic=1574127.0)

He is sending the coins as we speak:
[https://blockchain.info/address/1BfxSuxJqXuizBbTcP238JZY9DT4...](https://blockchain.info/address/1BfxSuxJqXuizBbTcP238JZY9DT4eqvzJG)

As a contingency, to plan for his possible arrest/death/etc, he signed an
nLockTime transaction that would automatically destroy these 1000 BTC in a
week if no action is taken.

His handle "rekcahxfb" spells "bfxhacker" in reverse. No plans yet on what he
will do with the remaining 118 500 BTC.
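How a time-locked "dead man's switch" of the kind described above behaves under Bitcoin's finality rules, as an added model that is not Bitcoin Core code: a pre-signed transaction with nLockTime set to a future block height is rejected until that height is passed, and is voided for good if its input is spent by another transaction first. Heights, amounts and outpoint labels are constructed. Real nodes compare time-based locks against median-time-past (BIP 113); the model takes a single time value.

```python
"""Added model (not Bitcoin Core code) of an nLockTime transaction acting as a
dead man's switch. Heights, amounts and outpoint ids are constructed."""
from dataclasses import dataclass

LOCKTIME_THRESHOLD = 500_000_000  # below: block height; at/above: unix time
SEQUENCE_FINAL = 0xFFFFFFFF       # an input with this sequence disables nLockTime
BLOCKS_PER_WEEK = 1008            # ~10 minutes per block


@dataclass(frozen=True)
class TxIn:
    outpoint: str                  # constructed "txid:index" label
    sequence: int = 0xFFFFFFFE     # anything below SEQUENCE_FINAL keeps the lock active


@dataclass(frozen=True)
class TxOut:
    amount_sat: int
    script: str                    # "OP_RETURN" marks a provably unspendable output


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple
    outputs: tuple
    locktime: int = 0


def is_final(tx, block_height, block_time):
    """Bitcoin's rule: locktime 0, or every input final, or the lock already passed."""
    if tx.locktime == 0 or all(i.sequence == SEQUENCE_FINAL for i in tx.inputs):
        return True
    if tx.locktime < LOCKTIME_THRESHOLD:
        return tx.locktime < block_height
    return tx.locktime < block_time


def try_accept(utxo, tx, block_height, block_time):
    """Apply tx to the UTXO set if it is final and every input is still unspent."""
    if not is_final(tx, block_height, block_time):
        return False, "non-final: locktime not yet reached"
    if any(i.outpoint not in utxo for i in tx.inputs):
        return False, "input already spent or unknown"
    for i in tx.inputs:
        del utxo[i.outpoint]
    for n, o in enumerate(tx.outputs):
        if o.script != "OP_RETURN":  # burned value never re-enters the UTXO set
            utxo[f"{tx.txid}:{n}"] = o.amount_sat
    return True, "accepted"


def scenario(take_action):
    """Run the switch with or without a spend of the locked input before the deadline."""
    now_height = 800_000  # constructed current height
    utxo = {"funding:0": 1000 * 100_000_000}
    burn = Tx("burn", (TxIn("funding:0"),),
              (TxOut(1000 * 100_000_000, "OP_RETURN"),),
              locktime=now_height + BLOCKS_PER_WEEK)
    log = [("burn now", try_accept(utxo, burn, now_height, 0))]
    if take_action:
        # Spending the same input earlier makes the burn a double spend forever.
        rescue = Tx("rescue", (TxIn("funding:0"),),
                    (TxOut(1000 * 100_000_000, "addr-constructed"),))
        log.append(("rescue", try_accept(utxo, rescue, now_height + 1, 0)))
    log.append(("burn after deadline", try_accept(utxo, burn, burn.locktime + 1, 0)))
    return log, utxo


if __name__ == "__main__":
    for action in (False, True):
        log, utxo = scenario(take_action=action)
        print("action taken" if action else "no action", log, utxo)
```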

~~~
paulcole
Just curious, how is he laundering them? Wouldn't he need to get clean bitcoin
back in return?

~~~
andrewla
The idea, I think, would be the analog of throwing thousands of dollars from a
bank robbery into the street. The stolen bills can be identified by their
serial numbers, but if law enforcement tries to crack down every time they see
one of those bills pop up, the actual thief will be buried in the noise.

In Bitcoin land this is both more feasible and more complex at the same time
-- it's very easy for a poorly planned version of this to make the thief no
harder to identify, and even a well-executed version requires vigilance in the
future to avoid betraying the identity of the thief vs. the identity of one of
the giveaway recipients.

------
koolba
From the article (emphasis mine):

> While trading was halted in all digital currencies, including ethereum, the
> exchange said losses were limited only to bitcoin. It also said _U.S. dollar
> deposits were not impacted_.

As someone standing on the cryptocurrency sidelines with a bag of popcorn, I
feel like this movie has gone from cyberpunk drama to a played-out comedy
where you already know all the jokes and punchlines.

Every time a company attempts any form of "hot" storage for Bitcoin this seems
to happen. At this point, I'm convinced it's only a matter of "when" not "if"
for anybody else doing it. People keep trying to find an intersection between
security and convenience but the lines are parallel!

~~~
aianus
Real world banks get robbed every day. As long as the hot wallet is a small
enough portion of the total funds (unfortunately not what happened here) it'll
just be an occasional cost of doing business.

~~~
Aelinsaar
Real world banks are backed by the federal government, both in terms of the
FDIC, and the FBI and broader DOJ. Robbing a bank is a federal offense, and
that is frankly why "big heists" tend to be such great fiction. Mostly.

~~~
Karunamon
I'm pretty sure that stealing hundreds of thousands of dollars worth of a
"thing", regardless of what that "thing" is, is a federal offense thanks to
CFAA, if nothing else.

~~~
EdHominem
It depends. By design (for plausible deniability) the key is _not_ a password,
it's a mathematical fact which can be independently discovered.

If you generated weak keys then it's not theft for me to guess/calculate them
and allocate those coins to myself.

This is why BTC is described as proving the strength of hash functions, etc.
If it was easy to cheat, someone would claim the public bug bounty by giving
themselves all the coins. Because they haven't, we have a fairly good minimum
bound on the difficulty.

~~~
dragonwriter
> If it was easy to cheat, someone would claim the public bug bounty by giving
> themselves all the coins.

But giving yourself all the coins demonstrates conclusively that the system
doesn't work, and guarantees that no one will accept the coins for goods and
services, so while giving yourself "all the coins" destroys a lot of value, it
doesn't actually _capture_ any value. So, if you wanted to profit from an
exploit you developed, you would _not_ do that (if you wanted to discredit
bitcoin and had developed the exploit, you would do that.)

~~~
EdHominem
Right, they'd trickle them in to keep it secret. But that doesn't change the
bug-bounty nature.

~~~
dragonwriter
It changes the (paraphrased) "we can tell it's secure because no one has
visibly compromised it for profit the way they would if they could" nature you
suggested upthread, because, for profit, you would _avoid_ visibly
compromising it.

------
solotronics
The price has rebounded quite a bit. This is different from the largest
exchange hack in BTC history (2014 - MtGox) because now the exchange volume is
much more distributed. I think this is a reflection of the increased
robustness of the bitcoin economy in whole.

Pre hack: $600
Low point post hack: $465
Currently: $560

~~~
paulpauper
Probably going back to $600 soon, these selloffs are always temporary.

------
thomaszander
> Bitcoin slumped 5.5 percent against the dollar as of 2:30 p.m. on Wednesday
> in Tokyo, bringing its two-day drop to 13 percent. Prices also sank 6.2
> percent on Monday, although it was not clear if that initial move was
> related to the hack.

The price has actually been dropping consistently since the 31st of July.

Granted, this hack has caused the drop to be bigger, but attributing the
entire drop to it makes no sense. The timeline doesn't fit.

The most likely reason the price has been dropping is because the Bitcoin
miners have run out of reasons and deadlines to stop the bitcoin hardfork
which will cause an increase in block size, which is the main reason why
Bitcoin is artificially blocked from accepting more customers and growing.

Investors likely don't think it's worth holding onto a currency if it has (and
has reached) an artificial ceiling.

~~~
solotronics
There are some nuances that are often not fully understood when discussing the
transaction limit in bitcoin. Firstly, since the transactions are processed by
the miners in exchange for a fee we have evolved into a dynamically calculated
fee system. Since the blockchain is immutable this makes sense so that it is
costly for an attacker or abuser to flood the system with meaningless
transactions. There is some contention in this, but from my perspective what
has emerged is a free market where if you need a quick transaction guaranteed
you will pay the few cents to get it. Also, the Lightning network payment
layer is in testing currently and when it is added as another layer on top of
bitcoin this enables a huge rate of transactions per second for negligible
price.

------
paulpauper
This is the perfect crime. In a few months the heat will wear off and the
thief or thieves can gradually convert the coins into cash or just store them
in 1000s of wallets for later use.

------
devishard
In the long run, I think this is good for Bitcoin. It's supposed to be a
decentralized currency. Centralizing Bitcoin in an exchange makes the exchange
a big target. This disincentivizes centralization and limits how much
centralization can actually happen when people are foolish enough to try.

For individuals who lose Bitcoin because of exchanges getting hacked, it's
because they leave Bitcoin in the exchange. This is antithetical to how
Bitcoin is intended to be used. The answer is, _don't do that_. Make cold
storage paper wallets and keep your Bitcoin there.

~~~
vectorpush
> _this is good for Bitcoin ... The answer is, don't do that ... Make cold
> storage paper wallets and keep your Bitcoin there._

Only in bitcoin land is theft considered _good_ for the ecosystem.

Only in bitcoin land does it make sense to blame laypeople for storing their
money with financial institutions.

Only in bitcoin land is it a best practice to secure your money using a
password written on a piece of paper.

Only in bitcoin land is it reasonable to expect consumers to do a better job
of keeping their money secure than corporations with on staff security
experts.

~~~
devishard
> Only in bitcoin land does it make sense to blame laypeople for storing their
> money with financial institutions.

Uh, yeah. That's the entire point of Bitcoin.

> Only in bitcoin land is it a best practice to secure your money using a
> password written on a piece of paper.

God no, at least not a password intended for human consumption. That's not
what a cold wallet should be. It should be a key.

> Only in bitcoin land is it reasonable to expect consumers to do a better job
> of keeping their money secure than corporations with on staff security
> experts.

No, non-expert consumers should be using off-the-shelf security solutions made
by a staff of security experts that they can use locally (i.e. physical
Bitcoin wallets). It's just that not many people are working on that stuff,
because most of the companies making Bitcoin stuff are catering to speculators
trying to get rich quick.

There are a lot of really smart people working on creating centralized Bitcoin
solutions, but frankly, that's just a bad idea, as evidenced by almost every
centralized Bitcoin solution having been hacked at least once. A centralized
system has too wide an attack surface and too high an incentive for attackers,
and defeats most of the benefits of Bitcoin anyway.

Sure, it makes Bitcoin a poor choice for speculators looking to get rich
quick, but I don't care in the least. They're outsiders who don't understand
the tool and aren't on board with the philosophy of why Bitcoin is important.

If you don't understand decentralization and you try to be in Bitcoin, you're
going to have a bad time.

~~~
vectorpush
> _Uh, yeah. That's the entire point of Bitcoin._

The entire point of bitcoin is to avoid financial institutions? That sounds
like a pretty big disadvantage compared to other forms of money that work well
with financial institutions.

> _That's not what a cold wallet should be. It should be a key._

A distinction without a difference as far as it relates to having all your
money stolen.

> _Sure, it makes Bitcoin a poor choice for speculators looking to get rich
> quick_

It makes bitcoin a poor choice for the general population since most people
fall into the category of "outsiders who don't understand the tool and aren't
on board with the philosophy of why Bitcoin is important"

~~~
devishard
> The entire point of bitcoin is to avoid financial institutions? That sounds
> like a pretty big disadvantage compared to other forms of money that work
> well with financial institutions.

It is a huge disadvantage for some purposes, but there are plenty of
advantages to avoiding financial institutions.

If you want to work with financial institutions, there are plenty of ways to
do that already. Go get a savings account or a mutual fund; it's not
complicated.

If you want to transfer money at low fees across national boundaries, or make
your money harder for governments to seize, or make your money anonymous,
Bitcoin can do those things better than other financial vehicles. And that's
_because_ it's not tied in with financial institutions.

> A distinction without a difference as far as it relates to having all your
> money stolen.

It's a huge difference. Humans are notoriously bad at creating secure
passwords. A CSPRNG-generated key is far more secure.

> It makes bitcoin a poor choice for the general population since most people
> fall into the category of "outsiders who don't understand the tool and
> aren't on board with the philosophy of why Bitcoin is important"

True. The same can be said of almost any investment vehicle--most people have
very little understanding of most investment vehicles. I'd also say that for
example futures and options are much harder to leverage well than Bitcoin.
That doesn't mean they aren't useful, it means you have to know what you're
doing to use them.

As Warren Buffett said, "Don't invest in things you don't understand."

I have no problem with people investing in Bitcoin purely for speculation to
make money, but I'm also not going to cry if they make a bad investment
because they can't be arsed to understand what they're investing in. I
wouldn't invest in mining futures because I don't know how to leverage mining
futures, and they shouldn't invest in decentralized currencies if they don't
understand the implications of decentralization.

If you keep your money in an exchange, you're gonna have a bad time. Lots of
people (myself included) were saying this before even the Mt. Gox stuff
happened, so it's not like this isn't predictable.

------
zekevermillion
Bitfinex had inadequate security, that much is now proven. But more
problematic, there is no such thing as provably adequate security for holding
other people's private wallet keys. Any flaw in the process of generating or
storing the keys is essentially the mother of all bug bounties. That is why
over time, I hope that a decentralized method of exchanging digital assets
will be used more widely.

------
doorty
What I learned from the video: Ninety percent of Bitcoin is traded in Chinese
currency. Because most of the trading is in China, the impact of the hackers
is minimized and the value is stabilizing after dropping twenty percent.

~~~
solotronics
That actually may not be true; many of the Chinese exchanges have 0 fee
trading so their volume could be 'fake'... there is no way to tell
definitively.

------
homogeneous
Does bitfinex have any legal responsibility to its customers? What are the
U.S. laws (if any) surrounding the theft of bitcoins?

~~~
mikeyouse
Most of what happens next depends on how they were organized and registered.

The obvious next step is that Bitfinex will have to file for bankruptcy
protection. Whether people get their cash balances / other crypto / etc. back
or some proportion of the remaining assets will be up to the bankruptcy
trustee. The trustee will follow the law but I don't know if they were
properly registered, aka where depositors fall on the list or whether any of
the assets would be considered secured.

~~~
celticninja
They would only need to file for bankruptcy protection if they could not cover
the loss from their own funds.

Right now with the price falling that could be an easier proposition tomorrow
or next week.

~~~
tempestn
They likely also have insurance that may cover some or all of the loss.

