
Bitcoin withdrawal processing suspended - julespitt
https://www.bitstamp.net/article/bitcoin-withdraws-suspended/
======
slg
I have a feeling that people in the Bitcoin community are going to start
learning the results of a truly free market, lack of regulations, and the
dangers of dealing with a bank that you can't trust.

~~~
VMG
They already are, and it works tremendously.

There are multiple exchanges all around the world that compete for the
business of customers and innovating in a break-neck speed, none of which
would even exist if there was government regulation. Bugs are fixed and
problems are addressed faster than the average legislator can spell
"malleability".

It would work even better if there was less regulation and investors could
fund exchanges in the US without having to buy a bank, so that development
could actually happen everywhere and not only in Japan and Slovenia.

~~~
gamblor956
Regulation would have provided that they would have gotten their funds back/in
a timely manner.

Lack of regulation means that others learn from their misfortune.

~~~
Hermel
Regulation would have suffocated Bitcoin already in its early days. Regulation
comes at a cost. As it eliminates risks, it also eliminates chances.

------
nmeofthestate
I may be misremembering, but when MtGox was getting it in the neck for having
this bug in their ridiculous terrible custom wallet implementation, someone
asked "are there any reliable exchanges" and someone else answered "bitstamp".

Just goes to show, there's no use looking at a website (when that site is
effectively a black-box) and judging its competency from a general vibe.

~~~
smackfu
Probably thinking of this comment:
[https://news.ycombinator.com/item?id=7212862](https://news.ycombinator.com/item?id=7212862)

~~~
jnbiche
I stand by that comment. I'm disappointed that Bitstamp didn't take this issue
into account when designing their exchange, but unlike Gox, their
communication about the issue has been very good, and my confidence in
Bitstamp remains unshaken.

Also, it appears that the Bitcoin network is under global attack by some large
entity, so blame for the current exchange issues lie ultimately at the hands
of some attacker who doesn't like Bitcoin, or wishes to plunge the price.

------
650REDHAIR
Can someone give me a ELI5 breakdown of what's happening in the bitcoin world
right now? First MtGox and now Bitstamp.

Any reading material on the subject (for a newbie) would be greatly
appreciated.

~~~
dangrossman
Both of these exchanges apparently implemented the Bitcoin protocol
incorrectly. Their code that verifies a transaction has completed is
incorrect, so they can be tricked into thinking a withdrawal did not happen
when it actually did (or that a lesser amount was withdrawn). They need to fix
their code, as there _is_ a proper way to verify a transaction occurred or
not.

Some reading:

[http://qz.com/175565/why-nobody-can-withdraw-bitcoins-
from-o...](http://qz.com/175565/why-nobody-can-withdraw-bitcoins-from-one-of-
the-currencys-largest-exchanges/)

~~~
mason55
FWIW it's an error in the BTC reference implementation so it's an easy error
to make

~~~
Dosenpfand
Please stop spreading FUD.

>In the meantime, users of the reference implementation do not need to be
concerned. Transactions are always tracked properly by the Bitcoin-Qt/bitcoind
software.

[https://bitcoinfoundation.org/blog/?p=418](https://bitcoinfoundation.org/blog/?p=418)

~~~
mason55
Interesting. This thread on reddit states that it IS an issue in the reference
implementation and includes a patch

[http://www.reddit.com/r/Bitcoin/comments/1xm49o/due_to_activ...](http://www.reddit.com/r/Bitcoin/comments/1xm49o/due_to_active_malleable_transaction_relayers_it/)

Edit: The concern with the Bitstamp appears to be confusion due to transaction
malleability and NOT actual double spend or cancellation issues. However the
BTC reference client is not perfect at handling malleability and only gets it
right eventually.

------
Scorpion
So, did bitstamp _also_ implement incorrectly despite warnings?

~~~
patio11
It appears that Bitstamp did indeed use the creation transaction API in
bitcoind which returns a transaction ID and they made the incorrect decision
that the transaction ID returned had properties many programmers associate
with IDs, like "meaning anything at all."

What they should have done was waited an hour then done an O(n) scan of all
transactions globally in history to find the transaction by inspecting for
parameters which exactly matched the ones they provided. That is, the Bitcoin
developers now say, the correct use of the create transaction API.

Let me use an example programmers may be familiar with. Twilio lets you do SMS
messages with three parameters: from_number, to_number, message. You are given
back an SMS ID, which you can query to see the results of the SMS message
(like, say, was it delivered successfully or did it fail with an error like
"that telephone number did not exist").

Here's a discussion with Twilio in the bizarro world where it's like Bitcoin.

Me: "Hey Twilio I created an SMS message but when I try to query it for the
results it 404s."

Them: "Are you sure you created the message?"

Me: "Yep pretty sure."

Them: "Are you sure you are looking for the right message ID in
/messages/:id?"

Me: "Yep, I'm using the one that I got back when I created it."

Them: "Maybe it changed."

Me: "... What?"

Them: "Message IDs can change."

Me: "They don't usually change."

Them: "Of course, they don't usually change. Why have an ID if they usually
changed? They only change some of the time."

Me: "What determines if a message ID changes?"

Them: "Oh, anyone globally can change your message IDs."

Me: "That sounds a bit insecure for a system which is, by its nature, deployed
in a hostile environment."

Them: "Don't worry, they can't change after about an hour. Well, probably. It
would be pretty expensive for an attacker to change them after an hour. Don't
worry though, you'll never need an ID."

Me: "I find IDs useful for querying things. Like, say, messages. Which I have
to do. To see whether the message was successful or not."

Them: "Well you're already downloading every message ever. Just scan through
for one which matches the same from number, to number, and message contents."

Me: "... You're serious."

Them: "Don't worry though: they can't touch the from number, to number, or the
message contents."

Me: "... Does this sound a little problematic to anyone else?"

Them: "It's on our wiki, noob!"

[Edit: Maybe somebody thinks I'm joking. Let me point you to one of the
dangerous functions.

[https://en.bitcoin.it/wiki/Original_Bitcoin_client/API_calls...](https://en.bitcoin.it/wiki/Original_Bitcoin_client/API_calls_list)

Name: sendtoaddress

Parameters: <bitcoinaddress> <amount> [comment] [comment-to]

Comments: <amount> is a real and is rounded to 8 decimal places. Returns the
transaction ID <txid> if successful.

You should naturally, upon reading this documentation, figure "I should
immediately discard that transaction ID, because it could be changed
instantaneously after this message call. If I instead rely on that transaction
ID, I will allow malicious users to break the software I am building."]

~~~
weavejester
I feel I need to clarify some of your points, as they're a little misleading.

> Don't worry, they can't change after about an hour. Well, probably. It would
> be pretty expensive for an attacker to change them after an hour.

You use the term "pretty expensive" here without qualifying it. Changing a
transaction encoded in the blockchain would require outpacing the current
hashrate of the bitcoin network. That would require a significant hardware
investment, on the order of tens of millions of dollars.

> Well you're already downloading every message ever. Just scan through for
> one which matches the same from number, to number, and message contents.

You make it sound as if you wouldn't have to do this if you had the
transaction hash. You still need to iterate through the transactions
regardless. It's just a question of whether you use the transaction hash, or
derive your own from the parts of the transaction that are immutable.

Let's make your example a _touch_ more realistic:

Me: "Hey Twilio I created an SMS message but when I try to query it for the
results it 404s."

Them: "Has the message been delivered?"

Me: "I don't think so. I'm querying it shortly after I create it."

Them: "How are you querying it?"

Me: "With the message hash."

Them: "Ah, that explains it, then. A pending message may be changed before its
delivered, altering the hash. This makes the hash unsuitable for identifying
pending messages."

Me: "So how do I identify messages?"

Them: "Ideally you wait until they're delivered, but if you really need to
check for pending messages, you can search through them looking for a message
that matches on to, from and content."

Me: "That kinda sucks."

Them: "We know, but it's a difficult issue to fix. It's documented in our
wiki."

Me: "What if I don't read your wiki, or follow your mailing list?"

Them: "Then should you really be running an exchange handling millions of
dollars of transactions?"

Me: "... Good point."

~~~
patrickaljord
Sorry to ask that but if to, from and content can't be changed, why not make
the transaction id a hash of these three element using any deterministic
algorithm such as sha1 etc?

~~~
weavejester
As I understand it, this is essentially the fix the exchanges need to
implement. The exchange can generate a hash on the address, outputs and
amount, and use that to confirm whether or not the money has been sent.

~~~
Anderkent
However they still need the full transaction hash to reference any outputs
from it, as these are identified by the (txhash, index) tuple.

------
dublinben
This is terrible news for Bitcoin. The currency will die without the
exchanges.

~~~
aw3c2
Heh, you summed up the stupidity of the current cryptocurrency rush in one
sentence. Shouldn't they be self-contained and their success not be affected
by exchanges?

~~~
natrius
That doesn't make any sense. How do you obtain a new currency without an
exchange?

~~~
sirsar
You could use p2p transactions, get paid in it as a service, get it as a
handout, sell something for it, or, in the case of Bitcoin, mine it.

------
chrisBob
If only there was some regulation. Then maybe I would consider trusting these
exchanges.

~~~
snitko
Ahh, yes, regulation. Like when big exchanges lobby the government, then
monopolize the market and do whatever the hell they want while charging high
fees? Great idea.

What you want is an independent audit, not regulation.

~~~
rtpg
Hey, at least when there's a bank run I (well not me, since I have no money in
US banks) will see my federally insured $20k or whatever, even in the case of
collapse.

~~~
snitko
The problem here is that regulation is not voluntary. So, for example, if I
don't trust this exchange - fine, maybe I will only go to government approved
exchanges. But then another fella may feel he trusts this unapproved exchange.
It's his choice, why should I care? Why should I be forcing my concerns upon
him through government, in the form of regulation? Because, of course, if
regulation exists for exchanges, this other exchange wouldn't be operating and
this other fella wouldn't actually have a choice.

So it's important to remember - insurance and audit are great things. But
combine them with government policing and force and you have a regulation,
which only leads to restricting the choices consumers have.

~~~
rtpg
Because in the real world there's a huge amount of information asymmetry.
Because most consumers are not informed (not because they don't put the effort
but sinmply because they can't just look at the bank's books and decide
whether they're well off), this asymmetry greatly affects a consumers decision
to choose "correctly": it's not really a free market.

Obviously it depends on the regulations, but a lot of regulations are about
making sure that there's at least a minimum bound in the "quality" of products
offered, because of the asymmetry at play here. If there is none, we can end
up with "bad" products(that don't seem bad because we're uninformed) crowding
out "good" ones, and having the entire market be worse off.

The 2007 crisis was a perfect example of asymmetry causing markets to crash:
obviously there's the whole aspect of consumers being mislead on their
mortgages, but there's the even greater aspects of banks misleading each
other! Because of the opacity of the market of derivatives (nobody knew just
how invested everyone was in on certain obligations) no bank could make
informed decisions on what to do with their positions.

If we don't restrict some choices in the short term, then we can end up with
no choices in the long term. In areas of extremely high uncertainty,
regulation (notably concerning transparency) is necessary to make the market
freer (in the actual definition, not from the common usage of free=no
regulation).

~~~
snitko
_> If we don't restrict some choices in the short term, then we can end up
with no choices in the long term_

Is it a chant or something? We can end up with no choices. Or maybe we will
end up with more choices. Can you prove it logically without manipulating data
and suggesting it to be evidence? Because the 2007 crash you mentioned can be
explained from a different point of view, completely different from yours.

I can also say "everyone being able to own guns actually increases overall
safety and if you don't allow people to own guns, we may end up with less
safety". Do you realize this sounds exactly like your argument?

~~~
rtpg
I am not going to be the guy who figures out how to unify the world's
economists.

I'm not saying that every instance of markets should be regulated, I'm saying
that some markets in their unregulated form are not free, and can end up
imploding on itself. You might argue that a market in that form isn't worth
saving, but if a small bit of regulation can push the market in the right
direction you can end up with a healthy market.

You're going to have to explain your last statement, because I don't get it.

Every economic argument will reach the point of some guy saying "A" and
another guy saying "not A" anyways though, so might as well just stop here.

------
aestra
Does this relate to why coinedup suspended bitcoin withdraws and deposits for
around 14 hours yesterday?

[http://www.reddit.com/r/CoinedUp/comments/1xkft8/why_are_bit...](http://www.reddit.com/r/CoinedUp/comments/1xkft8/why_are_bitcoin_depositswithdrawals_offline/)

------
IgorPartola
I am lucky that about two months ago I moved over to Coinbase from both Mt Gox
and BitStamp. I wonder now if Coinbase is going to start having issues.

~~~
wfn

        > I am lucky that about two months ago I moved over to Coinbase from both Mt Gox and BitStamp. I wonder now if Coinbase is going to start having issues.
    

You mean something like this?
[http://www.reddit.com/r/Bitcoin/comments/1wtbiu/how_i_stole_...](http://www.reddit.com/r/Bitcoin/comments/1wtbiu/how_i_stole_roughly_100_btc_from_an_exchange_and/)

'Someone' didn't ensure their trading engine did atomic writes to a database
(by the way, that database doesn't do write isolation on multiple documents by
default.. guess which database is that? Hint: it starts with the letter 'M'),
which resulted in a potential race condition that could be exploited.

Coinbase uses that database, and apparently did not know that you need to
ensure atomic write operations.

 _edit_ nwh links to Coinbase CEO's comment that it was not them. Ok, good to
know. However, I still can't see how anyone would use said database in
critical/production infrastructure, sorry. Maybe in a few+ years time it will
be mature enough.

~~~
nwh
The Coinbase CEO mentioned that this wasn't them being discussed there, which
begs the question who else it could have been.

[https://news.ycombinator.com/item?id=7214973](https://news.ycombinator.com/item?id=7214973)

------
gtirloni
Starting a new financial system is proving to be very difficult. Who would
have thought.

~~~
baddox
Is there another currency or financial system, virtual or crypto or fiat or
otherwise, that has started from scratch and been more successful 5 years
after it was created?

------
mbreese
> This is a denial-of-service attack made possible by some misunderstandings
> in Bitcoin wallet implementations

So... they didn't handle transaction processing correctly either. Are there
any exchanges that are handling this properly?

~~~
psykovsky
> Are there any exchanges that are handling this properly?

I very much doubt it ;)

------
Fizzadar
So another exchange which ignored the known 'bug' in bitcoin and which as a
result made them open to exploitation. Why can't bitstamp just admit they have
a software issue and are fixing it?

------
dscrd
So it wasn't just mtgox being incompetent, then?

------
dpanah
This has to stop!

------
waterlesscloud
Probably due to the code they reused from back when they were a site to trade
Magic cards.

~~~
mcantelon
Wrong exchange.

~~~
waterlesscloud
I know. I'm mocking the ridiculous thread yesterday that was so insistent that
was a factor in the Gox problems.

