Hacker News new | past | comments | ask | show | jobs | submit login
Bitfinex just spent $23.7M in fees to make a single Ethereum transaction (theblockcrypto.com)
208 points by dustintrex 18 days ago | hide | past | favorite | 293 comments

Looks like the miner returned significant portion back.

Here is the block, showing a reward of 7678ETH: https://etherscan.io/block/13307440

From that 7676ETH was the fee by Bitfinex (see OP).

And here (around 10 hours later) is a transaction from the miner giving back 7385ETH to Bitfinex: https://etherscan.io/tx/0x85294effd53126b3bfa9e7f655267e00ac...

Wonder if they talked or just decided to do this as a show of good will. Either way, still kept around $800k so not a bad deal.

How much of this is... "Return it or we break your legs"?

I'd be significantly concerned about coming into $27 mn, even if (according to the laws of Medes and Persians and smart contacts) it was mine to rights.

There's "I hate you $1,000 much", and "I hate you $1,000,000" much. I should be able to manage the first. The second? Not so much.

Can confirm. I had a co-founder screw me out of >$1mm. It's not something I think I'll ever "get over". As in, if I see him walking down the street I may enter a state of temporary psychosis.

Sorry to hear. Just incase that ever happens you should delete your comment

You are dramatizing. Bitfinex is a bit shady but not Cocaine-dealers kind of criminal. Add that to the fact that many miners are anonymous or are actually pools run by actual companies. Best they can hope for is a legal proceeding.

> Bitfinex is a bit shady but not Cocaine-dealers kind of criminal

Not far off [1]. Serial counterfeiting, fraudulent tax losses, shipping "a large block of wood" in a box supposed to contain memory chips.

Granted, no proven track record of violence. But most people in the illicit drug trade have no such record. And this one doesn't show evidence of good judgment.

[1] https://www.ft.com/content/4da3060c-8e1a-439f-a1d7-a6a4688ad...

Legs? For that amount they will probably put a hit on you and your family lol

How would they know miner’s details?

Crazy. Was this just the result of a typo? Perhaps not, considering:

- The transaction sender set both the max total fee and the max priority fee to above 10 million. Most UIs require at least two manual setting changes to do this.

- The sender is Bitfinex -- they're pros and not just a mon and pop.

Maybe it could just be a transfer from the sender to whoever the miner is...

My guess is Integer VS Float.

Take a typical $23 transaction fee, which comes out to ~0.00775756 ETH

Of course, everyone knows you don't want to do math as floating point, you want to use an integer representation. 1 ETH can be divided into 1e18 "Wei" or 1e9 "GigaWei".

So that 23 USD could be expressed an an integer "7757560", with the expectation that the decimal point would get moved 9 points <- thataway to become 0.00775756 ETH

If somewhere in your code you do some kind of money formatting that turns 7757560 GWEI into 7757.56 ETH, you've got your $23,000,000 USD mining fee.

This is why in "classic" fintech they used so-called "decimal" fixed-point numbers for decades. To not use COBOL as an example let's check something more modern, e.g. Rust[1].

[1] https://github.com/paupino/rust-decimal

Ethereum uses integers to store transaction amounts internally. Integers are fixed-point already, so that library is completely irrelevant.

I didn't mean Ethereum itself, apparently the bug is in whatever code written at the higher level, inside the exchange or whatever service they use.

This sounds about right but I think the mistake is a little bit simpler. In an eth transaction you don't actually specify the total fee, you specify the gas price. In the raw transaction it is measured in wei. But in UIs it is common to represent price in gwei (see e.g. https://ethgasstation.info/).

So instead of a bug in converting gwei to eth, I bet somebody thought they were specifying the raw price in wei but the input box assumes gwei and does a x1000000000.

It looks like you were pretty much correct: https://blog.deversifi.com/23-7-million-dollar-ethereum-tran...

you win HN today, jazzy

But then, they should have basic "high mining" fees checks. My Trezor does have that.

My position for ages now has been that it was a mistake to make floating point types first-class primitives in most programming languages. Integers and rationals should be the go-to types for most code most of the time. If you really need a IEEE float, you should reach into a library to get it.

Well, this isn't very strong support for that position, because Ethereum doesn't support floating point, and yet here we are.

> Ethereum doesn't support floating point

The software that interacts with it does.

I think you mixed up the problem. Had they used floats they would have got a small rounding error, not a 23 million loss.

So all companies will automatically include the float library and thus nothing will change

What you include as a first-class element in your languages, versus what is packed away in a library, will affect what developers do with your language.

For instance, Numpy provides array-language [1] capabilities to Python, but because it isn't a first-class element in the language Python is not thought of as an array language, and using it as one would be a bit clunky.

[1] https://en.wikipedia.org/wiki/Array_programming

If the only thing you use computers for is processing financial transactions then that position is defendable

Any number of sensors, measuring devices and other IoT stuff disagrees with you.

Dumb question on my end, I apologize.

How are rationals used to represent decimals?

> How are rationals used to represent decimals?

Decimals are just the subset of rationals where the denominator is always a power of 10, so the representation and arithmetic operations are simple if you already have rational support (though if you need to preserve decimal results, you need approximation logic for division, since dividing two rationals with denominators that are powers of 10 may result in a rational with a denominator that is not a power of 10.)

> though if you need to preserve decimal results, you need approximation logic for division, since dividing two rationals with denominators that are powers of 10 may result in a rational with a denominator that is not a power of 10.

This is also true for adding, subtracting, and multiplying, though in those cases it is always trivial to convert the result into a form where the denominator is a power of 10.

The CEO of diversifi is Will Harborne. The Miner is Christopher Harborne his father. Assuming this was deliberate what benefit for Christopher Harborne to possess this coin for a few hours? (thats what occurred)

How did you confirm miner identity??

Huge if true. Link?

Not everyone uses UIs. It might be a typo in some custom code. Can happen with anyone.

Yep. In one of the previous cases of jaw-dropping txn fees, while we never learned who lost so much, we can be pretty sure it was a program as the exact same thing happened again 24 hours later.

Yes, they are a cryptocurrency exchange, how corrupt and inept can they possibly be?

> Maybe it could just be a transfer from the sender to whoever the miner is...

How could they know who the miner was going to be before the block was mined?

They could have sent the transaction directly to the miner instead of broadcasting it to the network.

I suppose, if they were willing to wait a long time for that miner to mine a block.

> DeversiFi — a non-custodial exchange that spun out of Bitfinex in 2019 — said the transaction originated via its platform, which offers access to DeFi protocols "without paying gas fees." These transaction fees, it turns out, are paid out through one of Bitfinex's main wallets, which ended up footing the bill.

Am I understanding correctly that Bitfinex is subsidizing DeversiFi transactions? How does this work? And why does Bitfinex do this?

If the money laundering theories in this thread are correct, then could be related to that.

But also Biftinex/Tether benefit if people lock up their USDT into earning schemes rather than trying to redeem them for fiat. It reduces withdrawal pressure and allows Tether to keep the game going.

(This is assuming the common theories that Tether is unbacked/poorly backed are true. In a ponzi, managing withdrawals is paramount, and all the crypto high yield earning on stablecoins provides a way to discourage withdrawals)

I haven’t thought through the trading aspect though or why that would be subsidized. I guess it does soak up USDT as well.

Edit: a couple other facts came forward.

Deversifi was originally called Ethfinex, a Bitfinex spinoff

The miner that got the fee is owned by Christopher Harborne, Bitfinex shareholder: https://protos.com/bitfinex-tether-digfinex-shareholder-harb...

> The miner that got the fee is owned by Christopher Harborne, Bitfinex shareholder

Oddly enough I looked at DiversiFi’s twitter[1] right after reading your update and they re-tweeted[2] someone mentioning DiversiFi’s founder, Will Harborne. Are they related?



Looks like a strong probably. This person on twitter says the linked issue of Private Eye says they are father-son:


I misinterpreted a tweet. Chris Harborne did not own the miner. His son (I think), Will Harborne, runs Deversifi, formerly Ethfinex.

Not at all red flags in this little thread. I work in a bank, my heart is skipping a few beats just reading this ahah

Sorry. How do you know the miner is owned by Christopher Harborne?

They don't allow redemption of tether for dollars. There is no withdrawal pressure, right?

You can't redeem tether for dollars from Tether themselves, yes, but when you swap tether for dollars at a third party exchange then Tether has to pump some dollars into the trade to support the peg.

Do they? Anyone who believes in the peg could provide that liquidity.

Reduces pressure to withdraw USDT for fiat on exchanges. Tether has to support those pegs or they break. Same difference

Do they? Genuine question. How much does bitfinex support the price at $1 on exchanges?

I’m not sure if they do, but if there was sell pressure they would have to or peg would break. Possible there is not sufficient sell pressure at moment.

When you sell USDT for USD on exchange, someone is providing that dollar. If no private market participant willing, then peg slips. You would expect fiat withdrawals in downturns and peg slippage absent support.

>How much does bitfinex support the price at $1 on exchanges?

An open question. Several attorneys general have ongoing investigations regarding the tether peg.

A really grim and cynical person might make the case that exchanges want something like tether to exist, and are incentivized to fudge the public-facing numbers regarding tether trade volume and its order book.

I think what you're saying here is that if there was a run on tether, bitfinex might stop supporting it. And sure, I think that's probably true. But I'm asking how much of a role do they play in actively supporting it day to day. Are they the principle buyer of the currency when people want to liquidate? Or is it other people?

If you asked Bernie Madoff on December 10th 2008 how well his investment fund was doing, he would say "Excellent, thank you."

The set of people who have inside information on how tether functions and the set of people who would actually tell the truth about it are entirely disjoint.

Ask the Bank of England about their desire to maintain Breton Woods

Kraken.com smelled the bad fish years ago. They made tether a normal exchange rate. If there is a "rush out of the door". The value would just drop :)

Theoretically, what is stopping BitFinex from supporting the peg predominately on BitFinex and letting arbitrage traders take care of the rest?

Who's "they" here? Remember, Bitfinex == Tether

Well, they officially don't guarantee that they will redeem Tethers, but in practice they do, at least for the time being. So any withdrawal pressure would be de facto rather than de jure

In practice they do?

Last time I checked, there were significant "limitations" (to be charitable... that you could only redeem holdings above $100K, only if you were a non-US person, and subject to 90-180 day holding periods.

People have also offered bounties for proof of people having redeemed Tether, and those bounties are still outstanding.

My suspicion is that if anyone has actually redeemed Tether, they are either institutional (and Bitfinex doesn't want to piss them off) or an insider/"friend".

Institutions are happy to provide arbitrage on tether -> any other crypto since they can redeem. Sure there's an extra step involved, but there's essentially no difference between selling to an institution for $1 of crypto and redeeming for $1.

The founders of CMS holdings talk about redeeming tether all the time. It's literally just the same as redeeming USDC or any other stable coin. And before you say they're insiders, Dan (one of the founders) used to work with the creators of USDC.

So they're an institutional investor. Like I said.

An institutional investor with ties to their biggest competitor, bit different.

Yes and no.

Yes, USDC and USDT are different "securities".

But that's like saying that in the regular market that because Charles Schwab and Fidelity are competitors, they don't have a whole lot of cooperation - they do, because at that scale (and with the amount of arbitrage and speculation in crypto), you need to cooperate with your competitors, or you will be iced out.

Note that DeversiFi uses StarkWare's StarkEx Ethereum scaling technology, and does so in off-chain data mode.

This means that Ethereum transaction fees for DeversiFi's end-users are extremely small because they use almost no marginal L1 Ethereum gas.

So, Bitfinex subsidizing DeversiFi's users' gas fees is not as expensive as it may sound.

In this case, the $23.7M fee was likely in error and unlikely to be money laundering because the fee was paid to a random miner.

If you're interested in Ethereum's state-of-the-art scaling technologies https://starkware.co

(This is not meant to be a critique of you, just a rant about a particular strain of blockchain evangelism)

It never ceases to amaze me that blockchain aficionados on one hand praise the supposedly revolutionary transparency of the blockchain, while on the other hand extolling that the "state of the art" concept of a ledger that isn't on the blockchain, is going to be what finally makes crypto "scale" and become viable for the masses.

This is like saying that anything not directly querying the root DNS nodes is not really using DNS. DNS responses are cached from said DNS nodes, and served by the myriad of DNS servers.

In a similar sense, blockchains with layer 2 scaling, result in all address balances being stored in the central blockchain, while people can transact with each other directly and instantly in a zero-trust, cryptographically secure manner. When either party in the transaction is "done", one of the parties will commit the address balances to the blockchain for the world to see. (The only model that makes sense, and actually allows for scaling, is a hub-and-spoke model, where everyone connects to a "node", much like with DNS, and lets the node handle the routing. This way users could keep accounts open while transacting with many different people / businesses.)

StarkEx is a blockchain, it’s just a blockchain that gets its security from another blockchain and has configurations for how to handle data availability.

So, how do you cancel a transaction with such an obvious mistake when it is recorded on a blockchain?

(This is a rhetorical question.)

EDIT: Why the downvotes? It's not okay to discuss the fact that in the possibility of human error (assuming this is one, and not a very wild —yet successful— bet on a laundering attempt), the incapacity to cancel transaction may be a problem?

You can ask Buterik to roll it back for you. He did it once for the DAO guys, so worth a try.

(Of course, that rollback also demonstrated that Ethereum is a centralised coin with a controlling entity, and that 'code is law' is just a lie, but that's another story)

No it didn't demonstrate that. Vitalik et al reached consensus for rolling back the DAO hack. A major reason why they reached consensus was that so many players had a vested interest in the rollback. If Vitalik had tried to push something unpopular, he wouldn't have been able to push it through, because - in contrast to your claims - Ethereum is not a centrally controlled blockchain.

The only difference between this and an attack is that the purpose was altruistic. It's one thing to shift to new/updated infrastructure, it's another to manipulate blockchain transactions. We just have to hope that Vitalik or whoever holds the most sway over Ethereum doesn't ever act in bad faith (in a way that may not be immediately discernable to others).

It’s increasingly hard for any person to have that much influence with so many different client implementations for Eth2, and the nodes will have to accept those changes, whereas Bitcoin is pretty much Bitcoin Core.

I guess you'd better hope you're never on the wrong side, politically, from a majority of ETH miners.

"This guy who we all hate now owns $100MM in ETH? Now he doesn't."

This is also how nation states work. And it takes probably far fewer people, less time, and can be done in secrecy when the US wants to enact a sanction and freeze accounts than it does to hard-fork ethereum.

Yeah they can always coordinate, but these things are never so clean. They'd also need to be convinced it wouldn't undermine the network faith in a way against their interests, beyond being a well hated figure. And that no fork would emerge reinstating the person (as their deed is far from hidden)

Yeah, miners and node operators. That’s how this has always worked.

Miners can't just take money out of your account without your consent. That would require a change to how the protocol works.

At best a cabal of miners could censor you by refusing to include your transactions into blocks, and refusing to mine on top of any block that includes your transaction. But only while they maintain a majority of hashing power.

> Miners can't just take money out of your account without your consent. That would require a change to how the protocol works.

But that's exactly what we were talking about: hard forks that change how the protocol works. The parent comment that you responded to is correct in that theoretically a majority of miners could fork Ethereum to steal $100M from a single person.

The majority of nodes/users (not miners) would need to switch to the miners' new fork. Otherwise if the miners mined a block that doesn't follow the current protocol, it would be an invalid block and rejected by the network.

> The majority of nodes/users (not miners) would need to switch to the miners' new fork. Otherwise if the miners mined a block that doesn't follow the current protocol, it would be an invalid block and rejected by the network.

In the event of a contested hard fork both chains would continue to live, because some miners would mine chain A, and some miners would mine chain B. Yes, miners who mine the old chain would not accept blocks from miners who mine the new chain, you are correct about that, but the same statement holds true in reverse: miners who run the new chain would not accept blocks from miners who mine the old chain.

If a majority of miners decided to steal $100M by forking the chain, they absolutely could do that, even if the majority of users would support the old chain. In that event the tokens (which used to be worth $100M) would now exist on both chains, and it would be up to the market to decide how much the tokens are worth on each chain.

You don't need a majority of miners to create a hard fork. I still maintain it is up to the majority of nodes/users to determine if it is valid. If there has been a hard fork then by definition the network has rejected an invalid block(s). It is up to nodes/users to determine which network is "the" coin and thus mining valid blocks.

> You don't need a majority of miners to create a hard fork. I still maintain it is up to the majority of nodes/users to determine if it is valid. If there has been a hard fork then by definition the network has rejected an invalid block(s). It is up to nodes/users to determine which network is "the" coin and thus mining valid blocks.

Nope, I was very clear that in this context there is more than one network, so expressions like your "by definition the network has rejected invalid blocks" doesn't make sense. Network A rejects blocks by network B, and network B rejects blocks by network A. There is more than one network. You don't need to look further than Ethereum Classic to see that this can happen in practice. The "minority chain" doesn't just disappear magically.

I think we are losing track of the original claim which was miners could steal $100M from a user. Let's say I create a fork (network B) in which a user's account is set to 0 and mine has the amount that the user once had. In no sense have I stolen $100M from the user if it's on a chain that people don't recognize as being the one that represents the user's money (network A).

The original implication was you don't want to piss miners off otherwise they can unilaterally decide to take your money away. That is false.

> The original implication was you don't want to piss miners off otherwise they can unilaterally decide to take your money away. That is false.

If you are retreating your argument to that goal post, then we are in agreement: pissing off miners will not result in miners stealing your money. Your original argument was stronger, however. You were asserting that a minority-supported fork would not be able to steal money, which is not true.

I'm not retreating anything, that is still my assertion. The miners alone cannot delete your money. That was the original claim[1]. My responses[2] from the beginning have been addressing that.

It is a common misconception that miners, because they are the ones who produce new blocks, have power over the network and set the rules. That is not the case. Miners determine the order and inclusion of __valid__ transactions. Deleting your money would require a fork. Even if a majority of miners mined their own fork but didn't get users/nodes on board they would be wasting their time on what is essentially an altcoin that they alone care about. The network would ignore them and your $100M has not been deleted because it still exists on the chain everyone actually cares about.

There are only so many different ways I can state the above idea (going-on 4 times in this thread alone). If you still disagree, then I'm sorry I wasn't able to explain it any better. I'm going to politely decline from responding any further to this thread because I think we are just wasting each others' time.


"I guess you'd better hope you're never on the wrong side, politically, from a majority of ETH miners."





You're talking about minority-supported forks as if it was some kind of hypothetical scenario, where these forks couldn't possibly have any value. But it's not a hypothetical scenario, it's a scenario which has occurred multiple times in practice. So we don't have to discuss in hypotheticals about whether those minority-supported forks would have any value or not; we can look at what actually happened in those instances. For example, Bitcoin Cash right now has $9B market cap (not $0, like you imply).

The original claim was simply that the miners could delete $100M, not that a single person could unilaterally steal it.

I think it's not impossible to imagine miners and nodes voting to hard-fork a coin because some genocidal villain, Mr LiterallyHitler, had a large amount of wealth wrapped up in it.

Technically wasn’t a rollback but my understanding is it was a state change, and was done with community consensus via carbon vote.

Let’s not mention what Satoshi did in 2010 with the 184 billion BTC hack though ;)

You're getting downvoted because it's a longtime well-known problem of the blockchain. The answer to your question is that nobody can reverse the transaction or undo it. That's kind of the point, for better or or for $23m worse.

Please don't go on about downvotes—this is in the site guidelines: https://news.ycombinator.com/newsguidelines.html.

If the downvotes were inappropriate, other users will usually correct them (https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor...), but off-topic, guidelines-breaking complaints like the one you added don't get garbage-collected when that happens, so they linger on, adding noise to the thread.

It’s pretty easy to revert it: you fork the protocol. The ETH guys already did this once, hence Ethereum Classic.

The idea that the code maintainers get to decide which transactions are valid or not is insane. Almost as insane as saying an 'easy' fix is to arbitrarily fork the chain undermining it's whole purpose.

I'm not defending anything here but adding context. It wasn't JUST the "code maintainers." They made a proposal and all of the nodes "voted" by opting in or out. A lot of them opted out (Eth Classic) but majority usually wins in these situations. Did certain entities have more influence or power in this situation, yes 100%. Is that better or worse then how it would play out in standard US finance system? I'm not sure, you decide.

USD doesn’t split into two different competing currencies when a transaction has to be reversed, so I think the ethereum solution is clearly worse.

You can roll back Ethereum transactions without forking the blockchain if you build the rollback mechanism into your settlement contract.

There isn’t anything to “fork” in USD since it isn’t a blockchain, but different USD settlement layers get out of sync and have to be manually reconciled. If you instead tried to “fork”/replicate USD in that situation, you’d probably be thrown in jail for life. I personally prefer the blockchain way of expressing my option through code and seeing if anyone wants to follow me and not having to ask for permission.

The new kingmakers are the stablecoins. Whichever chain they decide to honor has a huge amount of economic weight behind it.

How much of this economic weight is real, at least in the case of Tether, is another story. I suspect we'll find out in the next few years as regulation ramps up.

> undermining it's whole purpose

Quiet, now. We don't want people to know about systemic risks to crypto.

And Ethereum Classic has a nice solution: 51% attack and mine the txn yourself.

I'm guessing you're also getting downvoted because sarcasm and rhetorical questions and not great ways of starting meaningful discussions.

Can't anyone ask question to HN Gods without fear of being ridiculed? I am also curious about this myself.

Yes you can, but that wasn't a geniune question.

I'll answer even if it's rhetorical, but there are some blockchains (I used to work for one) that allow arbitrary state transitions as long as it's approved by an approved authority.

Now, Ethereum has another way to fix this: forbid transactions that use a gas fee MUCH MUCH larger than the current average one.

if it's mined the only possible way would be to bribe the miners to revert the blocks by paying even more (like time bandit attack) or renting soooo much hashpower to create your own fork.

If it's not included yet you need to send another transaction with the same nonce that sends yourself 0 ether but with a higher gas price asap, this is not a guarantee however because the miner would probably still go with the transaction that is more profitable for them and because the fee was so high it got included in under 1 minute.

So once this transaction landed in the (public?) mempool it was gg.

And sending a tx with a fee bigger than $23m wouldn't actually fixed their problem

Reversing transactions is massive problem in finance in general. It causes losses for merchants in both physical shops and online sellers because there's no objective measure of whether a transaction was a mistake or not so it's begging to be abused for fraud. Even if a court decides, somebody still loses when both parties had different expectations. People have overpaid wages or social welfare payments taken back from them after they already assumed it was correct and spent it, and are now in a big debt. People accidentally sign contracts that require them to pay more than they expected. There's fraud where people buy an item online, then claim they never received it and get their payment refunded while keeping the item.

Here's an example of traditional finance screwing someone over for making an obvious mistake. Where's this ability to reverse transactions when you need it? https://www.livemint.com/opinion/online-views/a-fascinating-...

You're assuming there's some benevolent God who can arbitrate who's right and who's wrong. In reality, people get screwed by bad payment reversal decisions all the time and there's no objective way to decide in every case.

> You're assuming there's some benevolent God who can arbitrate who's right and who's wrong

Literally nobody assumes this. Please don't invent strawmen.

The point is, even with all the failings of the courts, different interpretations of language, and every other flaw, it's still better than having no recourse at all.

> There's fraud where people buy an item online, then claim they never received it and get their payment refunded while keeping the item.

And of course, the blockchain solves none of this. It just makes rectifying the problem far more difficult.

> > There's fraud where people buy an item online, then claim they never received it and get their payment refunded while keeping the item.

> And of course, the blockchain solves none of this. It just makes rectifying the problem far more difficult.

Web3 stores would use an escrow service for physical goods where the buyer's money goes into the escrow contract and gets released to the seller when the buyer receives the item. In the case of a dispute it would summon a Kleros jury of say 30 jurors who would look at the presented evidence and come to consensus on an outcome. A lot of these problems have already been solved in a decentralized way but it's still early days so higher complexity projects take a while to come to fruition.

How would any reversals be decided without a benevolent God? I've shown that traditional finance can't do it "correctly". Apparently smart contracts can't either. Courts can't because the law is sometimes ambiguous and unknown before it's tested in court. Traditional contracts can't because people get tricked by not reading the fine print. I think nobody can except an imaginary benevolent God.

If you just call the boss of reversals and say "sorry I made a terrible mistake, please reverse the payment", how can he trust that you're not the fraudster yourself? Even in the case in this article, how can any 3rd party truly know that it was a mistake and not just someone pretending it was a mistake so they can get it back?

Blockchain solves the problem of chargeback fraud. It's one specific class of fraud but it's solved by that technology even if other classes of fraud are created.

Not in every case, for sure. But many cases are pretty easy to arbitrate. This one for example: when the transaction fees 230× greater than the transaction amount, it is fair to assume that is was not meant to be that way. If I loose my credit card and/or it gets stolen, and someone uses it in the time between when I declare I lost it and when it is blocked, my bank is required by law to refund me (and I guess my bank attempts to get their money back too, but that's not really my problem).


> There's fraud where people buy an item online, then claim they never received it and get their payment refunded while keeping the item.

A blockchain can't solve that kind of problems. And it never will. It is not because something is written on a blockchain that it is true, except for cryptocurrencies because that is how they define truth. But as soon as you have something happen in the real-world (in your example, an item sent in exchange for a payment), then a blockchain is useless, or at least, it is not any more useful than any type of ledger.

Everyday credit card users who rely on the bank to protect them from fraud should not be using cryptocurrency directly. They also should not carry their money around in cash, yet cash still exists and people can take personal responsibility for the risk of loss if they choose.

A blockchain can solve "didn't receive the item" fraud because the merchant has the payment before they send the item and can refuse to refund it. Of course it creates a new kind of risk for the buyer, but that's not what we're talking about here.

It's inevitable that transactions made in error cause problems for the sender or receiver or both, but it is still better to have a human judge scrutinize the case with the ability to impose a more reasonable outcome than the status quo, than to have no such recourse. The position of defi fans that it is better to have no such recourse is ludicrous.

Your example is a good one: that particular case was carefully scrutinized by the court and the judge decided that the outcome was reasonable, mainly because the creditors who received the money were owed the money. If the outcome was obviously unreasonable, e.g. Citibank had simply sent $1B to some random address, of course the judge would have reversed it.

>Here's an example of traditional finance screwing someone over for making an obvious mistake. Where's this ability to reverse transactions when you need it?

It still exists, and note that the case did reach a court. It just happens that the beneficieries were also owed that money, and that allowed them to win the subsequent lawsuit:


If you’re in the financial transaction business, a big chunk of the service you provide is dispute handling, people tend not to realize this. It isn’t a simple cost of business or side service, it’s a primary competence of anybody responsible for handling money.

Yes, that's why it's a big problem. They also often make the wrong decision and leave people screwed over. Just look at all the complaints from Ebay sellers who got ripped off by Ebay siding with the fraudulent customer. There are cases where the seller can't trust the buyer and the authorities that are supposed to be arbitrating disputes can't be bothered doing their job because it's too hard. That's where crypto's non-reversibility is useful.

You negotiate with the recipient of the transaction to return the money.

The fee went to the miner, not the recipient of the transaction. So probably an anonymous mining setup that has little incentive to return $23M

That sounds like a lot of trust to put on someone in a “trustless” system

It's the exact same flaw as cash. If you mess up and send it to the wrong person in the mail or set it on fire, there is absolutely no recourse, unless there's someone to sue maybe.

As long as you understand that I don't see the problem. I use cash a lot myself. Of course, we basically did invent the entire banking system to get away from the many downsides of literally lugging bags of gold around, like theft and loss without recourse.

Yeah, I hate it when I accidentally pay someone 6 orders of magnitude more than I meant to when I’m using cash. Just like cryptocurrency!

Citibank managed to do it with USD and still hasn't gotten it back.

Meanwhile in this case the miner gave back the money so maybe the tech isn't the issue?

Once it's recorded on the blockchain, there is no way to cancel it.

If they are lucky, they may be able to reach out to the miner and get a portion returned. Probably just tough luck though.

Unless you just get the devs to write it out of existence and fork the chain.

it varies from coin to coin.

in limited cases you can perform another operation which makes the preceding operation illegal.

in normal cases, not being able to cancel is the entire point of the technology.

You're pointing out an obvious major flaw with blockchain that is a consequence of what many in the crypto community believe to be an advantage, namely that your assets cannot be seized without your private key.

Your post is basically this, but less humorous so people are upset. https://xkcd.com/538/

So to answer your question, how you revert this transaction is to buy $5 wrench and go have a conversation with the miner.

There's a bit of context on this Bloomberg article https://archive.is/dnT51. Claims it was a mistake.

Somebody was in a rush to get tx included, I hope they didn’t wait too long, respect.

I guess the $23M fee was something that the market could bear.

What is that, one NFT?

Is it perhaps the only way to make sure the transaction ends up in the correct miner’s block?

It's the opposite of that. Miners will try to grab higher fee transactions first, as soon as they see them broadcasted

What's most incredible to me is that the sender has $1.4B in ETH:


Just a few more zeros, and this could have been a company-ending mistake. Bitfinex should probably reduce the size of their hot wallets.

Bitfinex/Tether is probably the single richest entity in crypto. A $1.4B loss would not be close to "company-ending" for them.

$1.4B loss would lead to huge market dip though, as crypto is fairly sensitive to these events.

Can someone please explain to me how this is possible and what is the miner supposed to do if they don't have all those Ethers?

Think of ETH fees as more or less an auction. When you submit a transaction to the Ethereum network, you're hoping it will be mined as soon as possible. Miners select which transactions to include based on the miner fee.

The minimum miner fee that is required for a transaction to be processed promptly is therefore constantly an open question / constantly changing, which gives rise to services like https://ethgasstation.info/ which attempt to tell you how much you should reasonably expect to pay.

In terms of how today's outcome is possible: when you are submitting a transaction, any amount of ETH that you have on your account could validly be spent as the fee.

So in this case, either by human error or a software bug, someone with a large amount of ETH in their balance essentially spent all of it on the transaction fee.

The miner _gets_ all of those ETH. So some lucky miner just got a huge spike in profit.

They probably mixed up their spent output with the fee output. It happens from time to time and some miners are happy to send the funds back. But it'll be interesting to see what happens in this case when it's $23m.

That’s the case for Bitcoin but ETH doesn’t have inputs/outputs.

The miner received those ETH, nominally in exchange for their services validating transactions.

Previous situations like this have been the result of the transaction author (or their software) making a mistake.

Someone submitted a transaction with incorrect parameters allowing this to happen and the miner got a $23m tip as a result

Seems more like fraud/money laundering, from what I can tell

Ignoring the already public statements that have already been made by the Bitfinex and co, and the fact that a large transactions like this is guaranteed to trigger folks in the community to poke at the transaction, I'm curious what leads you to believe that its a money laundering attempt?

Details are scarce at this point but this is just another data point suggesting that DeFi doesn't solve a real problem. Yes, the existing financial infrastructure is slow and costly but in a pretty good local maximum. Touted features of DeFi that are arguably worse than what they're replacing:

1. "Your contract is executed exactly as it is written! No loopholes, no shenanigans!" Clearly this is a double edged sword. Since code is a lot more complex than written human language, expressing intent can be very difficult. In a regular contract, if your counterparty figures out a clever way to cheat you out of your money, you can sue them in court and the judge will very likely tell them to give the money back and slap them with damages too. Apparently in Ethereum Smart Contracts, you can accidentally/inadvertently allow for a gas fee that 230x the transaction value and there's literally nothing anyone can do for you. 2. "No need for expensive lawyers/bankers!" True! But you now need to pay expensive computer scientists to write/review your contracts, who are probably at least twice as expensive as the bankers. Oops. 3. "Not centralized! Don't be chained by unjust government regulation!" True, but also probably not optimal for 99.5% of people. Anyone who has been banned from Venmo for making a North Korea joke knows how annoying AML/KYC is, but by and large the regs (in the US at least) are written in a way that protect the average joe and society as a whole.

100%. I keep harping on the point that "smart contract" is such a bad name for these things. A real-life contract is not the execution of the task(s) itself, it's the legal recording and reinforcement of the promise(s) made by the parties if/when things go wrong.

Smart executor does sound pretty grimy though :)

In normal contracting the paper is the source code and you need to find some real live people to be the compiler. Sometimes it's everyday people, sometimes operations professionals, developers, finance or legal personnel. Ultimately you always can fall back on the court or arbitrator as the ultimate compiler and interpreter. So, different compilers maybe for smart contracts? ....

I'm trying to roll with you on this idea, but I can't help but think that this is just a square-peg round-hole thing. I am a (mostly non-practicing) lawyer; but I teach IT full time.

Like "A.I," a lot of people dream about the idea of revolutionizing or strongly improving on law via code, and I don't see it happening, ever. It's this well meaning and seductive idea that we can leverage the superior power of computery thought and ideas to "correct" the foibles of humans -- but I think "human disputes" are too slippery to be bound by code, and the beauty and triumph of "law" as a system is that it too is slippery enough to manage it reasonably.

To me it's strongly related to the complete layman fantasy of "well, they should have just written the law more clearly and everything would be fine."

Don't discount the capriciousness of the law's execution. In many cases, being the right skin color and wealthy comes across like a superpower compared to Joe Average. I'd hazard a guess that many "use code for law" types basically want to put Lady Justice's blindfold back.

That doesn't mean it's a good idea, nor that is bad. It comes from good intentions, is all.

(Very aware that those can be used for paving certain roads)

Back? :)

Sure, I get the impulse to try and that in many ways is the lovely thing about the spirit of tech and hackery... buuuut also I'm a black man whos seen e.g. entirely too much "oh they were well intentioned" when the AI thought the black folks were monkeys. So, yeaaaah, not holding my breath. :)

Yes, and the reverse also is an interesting thought exercise-- if this paper contract really was a piece of software, what would folks do to QA it, write it, interpret it. I mean, paper contracts are written using hopelessly buggy and ambiguous human languages theoretically capable of so many non-harmonious interpretations. The solution really is about friendly, trusted compilers approaching the contracts from a fundamentally cooperative direction. You write a contract with your trusted partner on a napkin at dinner. And when trust fails, courts interpret in an explicitly prosocial way.

Not just 23x...but 230x transaction value ($23M to send $100K). Not to mention it was 7,700,000x the going rate for the other transaction in that same block.

This might be a very naive question, but would it not be the case that many contracts would be essentially similar in nature? So while weird loopholes would exist at first, over time there could be a large library of tried-and-true contracts which could be applied to the situation at hand?

The key difference (which is categorical) is that if there is a latent bug in one of these contracts that goes unnoticed and then gets exploited later, you're still out the money. Intent doesn't matter.

There is essentially a 0% chance of such an outcome with a regular contract (at least in US contract law). Intent is a cornerstone of contracts in the real world. Just because someone came up with a clever "exploit" doesn't entitle them to rip you off. This is a very good thing.

On Ethereum there's an organization called OpenZepplin that does exactly that. They have common code for making contracts that are ownable, upgradeable, follow NFT / ERC20 standards etc.

Makes it much easier to write safe solidity code.

That is arguably tending towards centralisation, as there will then be a market of brokers that know which contracts to suggest, and then there will be other places that will only accept contracts from a known broker.

There will, of course, be the more expensive brokers that can exploit loopholes, but even as a stretch this isn't vastly different to a bank account in the Caymans.

Of course, you don't have to participate - you can hold the 'cash' equivalent or concoct your own scheme, but you're not as protected from loss as you otherwise might be (provided there's an insurance package of sorts, in the absence of regulation).

Smart contract code is open-source[1], so the centralization you're talking about shouldn't be confused with the (de)centralization of power people talk about when they talk about the decentralized web or decentralized finance. Circling around a small set of trusted open-source technologies doesn't cause centralization of power, as we can see with GNU/Linux, HTML/JS, ...

[1]: On many platforms smart contracts are stored in the form of high-level interpreted languages. On Ethereum, the blockchain stores EVM code (assembly), but contracts that haven't "verified" their source, typically by uploading the high-level code to etherscan.org, are seldom used (with some notable exceptions).

I contend that it doesn't cause centralisation of power, but centralisation and power are inevitable should the project hit the mainstream, proper:

- GNU/Linux - GNU/Linux is open source but centralised. The userspace is the part that is distributed, via operating systems, and the source control is distributed, via git. But it's all for one Linux kernel. You can also build your own kernel, but that doesn't really make linux 'decentralized'. Similarly, Linux for a lot of people means 'Ubuntu'.

- HTML/JS - this is centralised under WhatWG/W3C, etc. Arguably, these days, it's actually centralised under Chrome, because what Chrome does eventually becomes the spec. You can freely build your own implementations of HTML and JS/Ecmascript but most likely, you are using the centralised implementation via webkit, blink, or gecko.

So, the fact that smart contract is open-source doesn't really mean anything. It'll grow big, then as a matter of convenience it will start to consolidate. git, for example, is decentralised, but git forges (github, gitlab, etc.) provide centralisation as a convenience.

Imagine a scenario where a popular contract is discovered to have a serious flaw years down the line, and they can't be patched.

You are correct and there is already a bunch of off the shelf contracts that are basically plug and play...however it takes little knowledge to actually publish said contract and a small typo can either make the contact never accessible or easily exploitable.

> Since code is a lot more complex than written human language, expressing intent can be very difficult.

Isn’t that the other way around? Natural language remains an unsolved problem, and formal verification of software is pretty much a requirement for compilers. Your example is evidence of that: intent in natural language is easy to distort and hard to prove, thus making it much more complex

Well let's put it this way - in natural language, we say stuff and implicitly assume we've done our best to express intent, but it may not be perfect (hence lawyers). In smart contracts you express your intent into a contract and then we pretend there was no intent. There is only the contract. And that's a massive floor.

Right. Natural language is more complex and nuanced.

Hard to say if this satirical or not ("Etherium") but will respond in good faith. 1. Same argument can be used in the opposite way, you can verify the counter party will act as expect, there is no need for costly litigation as backstop. 2. An engineer reviewing a contract once will not be more expensive than hiring a full time banker to review each transaction or a lawyer to pursue a legal battle. 3. Decentralization and regulation are not mutually exclusive.

Agree with 1/, disagree with 2 and i have a different point of view on th 3rd point.

A lawyer can review a contract, miss a loophole/backdoor, and then argue to the court that the backdoor was placed there in bad faith, recoup his client losses. You can't do that with code. If you load a backdored code, you can't argue "this is unfair" to a court of justice.

On the 3rd point, i think "good" crypto (and by that i mean non-obvious shitcoins) tend to centralize a lot.

> You can't do that with code. If you load a backdored code, you can't argue "this is unfair" to a court of justice.

Why not? Assuming the miner and you are in the same jurisdiction, what prevents you from suing them? Seems relatively straightforward.

Because of limited responsability mainly. Did anyone attack microsoft for the catastrophic 0day ~2 years ago?

This accident actually proves the exact contrary. Despite these obvious flaws, people are still using DeFi.

There must be something of value in there that you're missing. And it's not speculation, as there are way better ways to speculate in crypto than by using DeFi (shittokens, NFTs, ...).

Lottery tickets aren't a good investment, but people still buy them.

It's certainly true that there is activity in the DeFi space, and it's certainly possible that this activity is because DeFi is just so gosh darn amazing at solving people's need for basic financial products.

...at least in theory. But if you're going to make that rather extraordinary claim, I think you need to provide some extraordinary evidence.

I'm disputing the logical conclusion from the facts at hand that no real problem is solved, not providing a value judgment about DeFi.

It's not an extraordinary claim but common knowledge in the start-up investment land that when you see an ugly, flawed product get an unexplained amount of engagement, you become interested.

> Lottery tickets aren't a good investment, but people still buy them.

Lottery tickets solve the real problem of hopelessness about improving one's financial situation through work. It might not be a worthwhile investment in financial terms, but it has its use just like entertainment media or alcohol.

People inject heroin, drink liters of soda and gamble their life savings away too, but none of that is evidence that these are healthy or socially valuable activities.

My explanation of the prevalence of DeFi is that it's currently at or near the peak of the hype cycle and there's a ton of money to be made either by trying to legitimatize the ecosystem or else via run of the mill pump and dumps.

"There must be something of value in these tulip bulbs because everyone is investing in them."

Investing != using.


People pay tens of millions of dollars everyday to use these on-chain platforms. They could avoid all those fees if they just wanted to speculate on token prices by using centralized exchanges, of which many have very lax KYC requirements.

I don't have a breakdown of what people are using Ethereum for, but certainly a lot of those uses are stuff like NFTs, i.e. implementing other purely speculative assets. And there are lots of crypto startups using Ethereum, whose money is sourced from a different kind of speculation (er, "investment"). So again, it's not enough to just point at activity and say "look, real value!"

I don't disagree that the vast majority of the activity derives more or less indirectly from price speculation of some sort. But the thing to note is that so much of it is done on-chain instead of on centralized exchanges which have comparatively negligible fees. At the very least this proves the technologies themselves as suitable platforms for speculation (vs simply being the target of speculation).

"Speculation platform" is already a big, legitimate and very popular use case (the importance, influence and appeal of Wall-Street in the US and the whole world is evidence of this).

But how much of the "value" of the chain "as a platform for speculation" is simply the hype around crypto? (Which is, in large part, driven by speculation-driven rising prices of cryptocurrencies.)

For example, anyone could have sold the equivalent of NFTs decades ago using a centralized ledger (perhaps using multiple trusted third parties for security). That didn't happen.

Likewise, it's pretty clear that if you have a startup idea that could be implemented with or without crypto, you get a valuation boost if you take the crypto route. (Hello Long Blockchain Corp.)

So: speculation-driven cryptocurrency prices rise -> entire crypto sector hyped to the moon -> startups move in to collect hype-driven investment -> smart contract activity observed -> this "proof" of utility drives more hype.

And of course there are other intersecting loops.

James Mickens' "Blockchains are a bad idea" talk [1] is a great explanation that discusses exactly that.

[1]: https://www.youtube.com/watch?v=15RTC22Z2xI

This is not a mistake, it’s a pretty common method for money laundering

I'm curious how this works. As I understand it, Bitfinex would have do this by not broadcasting the transaction to the network and instead keeps it on a single miner and it gets included when the miner snags a block but how does that help launder money?

Is it some sort of deniability thing to say your hilariously unreasonable miner tip was mined by a random miner who may or may not be you? Surely regulators/prosecutors aren't this gullible.

Regulation/prosecution is lagging way behind in this space. Even in traditional finance, Ponzi schemes and money laundering go on for years.

It's also important to consider the psychology of things like Ponzi schemes. A bright 12 year old can understand why a Ponzi scheme falls apart in the long run. But for most of the people running them, they aren't thinking about the long run. They're responding to short-term incentives. An investor wants money back? Well there's money, so let's give some to them. Low on money? Go out and sell more people on putting money in. People have concerns? Reassure them that everything's fine, better than fine, amazing in fact.

So the question of "do they think they can get away with it in the long run" is not really the right one to ask. 100% of their attention is on the short term. They carefully avoid thinking about the long run at all, because it's way too uncomfortable. As long as the problems are deniable enough in the short term, they're just going to keep going.

The cool part is all of these transactions are public and can be archived by regulators for long term forensics and enforcement activities while still within the statute of limitations. Might take years, but government can take its time investigating and prosecuting. Regulation can lag because there is no rush; the evidence is preserved by the very nature of the technology.

https://news.ycombinator.com/item?id=28673552 (HN: Tracking stolen crypto is a booming business) | https://archive.is/s1WvQ

That's a positive for sure, but regulatory latency enables more scamming. That added burden to limited regulatory capacity mean the increased scamming makes it likelier that the small fry will get away.

While I don't doubt it's a method used for money laundering, this particular instance probably isn't it. For one, if you're money laundering, you don't want the transaction to show up on the front page of HN.

Yeah why not do this over time with smaller fees. With the ridiculous gas these days you might be able to sneak quite a few tx in under the guise of “nft bots” but not 7500 eth in one tx

What's another explanation for this huge fee? Your reasoning makes sense, but that still leaves me extremely curious.

The base gas fee for the block is:

Base Fee Per Gas: 0.000000058907049227 Ether (58.907049227 Gwei)

The paid gas fee for the transaction is: 0.053243669870735422 Ether (53,243,669.870735422 Gwei)

Perhaps they wanted to post the transaction for 53 Gwei but fatfingered it? Or entered Pwei instead.

Edit: This block was apparently mined by poolin pool: https://minerstat.com/coin/POOLIN-ETH

Their rewards almost doubled

Using a client which has two boxes, one for fee and one for value transferred.

("Fat finger" errors like this are not unheard of in the read financial system, but that usually allows reversal)

That still means they intended to pay $100K in transaction fees, is that a normal sum?

Various claims on reddit using phrases like "set the gwei limit the same as the gas limit" and "new EIP 1559 transaction", which I can barely make sense of, but it sounds like they may have been in entirely different units?

Anyway, be your own bank, I'm sure you can figure this out. /s

It's a huge number but amounts to 0.4% (0.004). I have no idea how that compares to regular 24M international wire transfers, though.

Its not money laundering, lol. a) Bitfinex is an exchange, they don't need to launder. They are the laundry! b) You usually want to get the money back when your launder. This is handing 20 million dollars to a random on the street who takes your transactions.

I get that point, but I was asking for what is then the real reason. The only two I've seen proposed are money laundering (perhaps by collusion with the miner) or mistake (accidentally confusing the transaction amount with the tip - still meaning the intention was to pay $100k in transaction fees).

If i was to bet, my money is on a catastrophic fuck up. Its probably 'other peoples money' too. Some VC maybe lost a big bag of ether.

> This is handing 20 million dollars to a random on the street who takes your transactions.

Yes I'm sure it's purely coincidence that the "random on the street" who mined this block is a major Bitfinex shareholder.

It's also potentially risky. What if a big mining pool, upon noticing the huge fee mined by another miner/pool, decides not to mine on top of that block, but in competition with that block in hope of snagging the fee for itself?

There's been a lot of talk about reorg due to MEV (which this could be considered MEV), but to the best of my knowledge it hasn't happened yet. This seems like a big opportunity because this is ~3000x bigger than the standard block reward

We need Ethereum to always prevent this. Or the big mining pool will just do this for every block and allow ONLY THEIR blocks to be processed. Then they get 100% of mining of the ETH mining fees.

This reinforces by most miners being willing to join, to get a share in monopoly rents over miners-never-earning. The big mining pool(s) could let in enough to stay big enough. But not too many to spread the monopolistic gains by too broad a base.

The mining pool would have to have >50% of the hashrate to pull that off indefinitely.

Its a great way for miners to launder money. Bitfinex pays the fee and it turns up on the miners balance sheet, where does bitfinex gain?

The recipient in this case absolutely appears to be "associated" with Bitfinex, who don't understand the concept of "arms length", so entirely 'nepotistic' transactions like this would be par for the course (remember the loan between Bitfinex and Tether, who were at the time being stated as independent and unrelated, yet somehow the same two people signed and countersigned the loan for both sides?).

I read your whole comment expecting you to get to the evidence where bitfinex and the miner are associated...

> DeversiFi — a non-custodial exchange that spun out of Bitfinex in 2019

From the article.

And as said, given previous dishonesty from Bitfinex about all sorts of unrelated parties (they claimed to be independent of Tether, until that was proven a lie, and they are heavily intertwined with their bank, Deltec, who says that they have "insight into every transaction and Tether"), I'm going to consider Occam's Razor, here.

they refunded the fee to bitfinex

ELI5, please?

Who does the fee go to? I would have thought the miner. But if so, how can you predict (or control) which miner will get your block?

The transaction is sent directly to the miner without going through mempool, or the miner itself makes the transaction.

I'd submit an answer involving jargon like "mempool" doesn't qualify for "ELI5". ELI4?

Mempool or "memory pool". It contains pending transactions that have been publicly broadcasted and are waiting to be mined into the blockchain.

Etherscan indicates that the transaction was in the mempool [0]. My understanding is that this wouldn't show up if it was mined without releasing the transaction to the mempool.

[0] https://etherscan.io/tx/0x2c9931793876db33b1a9aad123ad4921df...

Is this even still possible? Since EIP-1559 miners like ethermine stopped including their own tx for 'free' presumably because you cant pick and choose anymore.

You can still pick and choose, EIP-1559 forces miners to burn part of the fee, which means it's no longer "free" to the miner to include these transactions. In the case of this transaction, Bitfinex also included a very large tip that went to the miner.

It certainly is. Here's a list of them: https://etherscan.io/txs/label/private-transaction

Is the mempool logged? Is it possible to tell if it was a mistake or if they skipped the mempool?

Every node operator can log their node's mempool, but the protocol does not ensure that mempools are consistent across nodes.

That said, logging this might violate GDPR :)

Are they the one who's going to choose the miner?

I thought all transaction fees are burned after EIP-1559 was implemented?

No, there are 2 parts to the fee. The base and the tip. The base is burned and the tip goes to the miner. This transaction burned 0.008493159450499633 eth (~$25) and paid the miner the rest.

How would this work? The fees go to the miners or are burned, so how do the laundered funds make their way back?

Perhaps instead of sending your transaction publicly in the Mempool, you give it to your miner friend to include in their next block.

Is the mempool logged? Is it possible to tell if it was a mistake or if they skipped the mempool?

>Is the mempool logged?

Yes. For instance on etherscan there's a "Confirmed within x secs" indicator, which is "Estimated duration between time First Seen and included in block".

Even if it is logged, there are ways this behaviour could be masked.

Say a colluding miner mines blocks including this unbroadcast transaction until they finally hit the block target with this transaction included.

Bitfinex then broadcasts the transaction to mempool. After some plausible delay (but a short enough one that no one else gets a chance to mine it), the colluding miner publishes a valid block including the transaction. No one can confirm that the miner didn't receive the transaction from mempool like everyone else, and then 'get lucky' shortly after.

I'm not saying this is what happened, I think user error is more likely. But it can neither be ruled out nor easily proven.

There would be suspicion that the block doesn't have any recent transactions in it though.

The basefee is burned, the priority fee is given to the miner.

Is it possible they are just incompetent?

Its been years since competing blockchains projects added fee limits at least in the front ends if the protocol cant allow it so that this does not happen. It happened many times on ETH and it will happen again because the devs simply dont care.

BTW the money laundering idea is complete nonsense. You dont do that by making large transactions so that mainstream media writes about it and investigations are triggered. This is just the usual HN crypto bias that seeks for confirmation that everything cryoto is illegitimate.

Various Ethereum wallets warn you about excessive fees, and even set reasonable defaults (especially post 1559). Even if they didn’t, Ethereum devs aren’t the same as Ethereum wallet devs and each group has their own opinions about how to handle fees and UX. It’s disingenuous to say that “Ethereum devs don’t care” about any specific issue and you should be more specific about who you’re criticizing.

It’s unlikely that Bitfinex was using a consumer-faci by wallet and they could easily build those checks into their systems.

I mean the devs of the network ofc they are the only one who could completely stop this. UI/wallet devs can only partially because people dont need to use an UI and can still use old software too.

They very obviously dont care because the problem is know since years and the sum of accidental fees could probably pay google whole software dev personnel to write 1000 different possible fixes but nothing was ever done about it.

How do you solve it at the protocol level? Let's say I set a gas price of 0.00000004 eth. Is that too much or too little? If you try to enforce the price to be within some range of the average of past n transactions it could:

1. make transactions that were valid at the time of creation suddenly invalid if the average moves, which is frustrating to all parties

2. not able to respond to rapid changes in demand

3. overcomplicate validation/consensus

Most other projects implemented a hard coded (can be changed with software update) upper limit that is outside of real use. This means people can still set way to higher fees by accident but not accidentally loose millions.

There might be better ways but clearly doing nothing at all is worse.

And yes, I know ETH is in a uniquely bad situation on this because the range of legitimate fees is enormous.

There isn't one front end for ETH, there are many. They probably rolled their own here.

With bitcoin you could spend lot of mining time get these fees with longer chain. Is that possible with ethereum too?

Yes there would have been a window for that, if you could spin up insane hash power in minutes. However ethereum blocks happen on average every 13.5 seconds and this TX is now 1,558 blocks in the past, it's not likely now.

If you can react quickly, a 51% PoW attack is... still prohibitively expensive: https://www.crypto51.app/

Those figures assume that the miners other than yourself are honest. The big risk with MEV is that in theory it could trigger all miners to prioritize reorging (51% attack) instead of building on the longest chain.

This is a really interesting point, and an issue that Bitcoin will likely run into as the block reward nears zero, and transaction fees provide the majority of the miner revenue. Miners could be incentivized to reorg blocks in order to get transaction fees.

So who got the tx fee?

The block: https://etherscan.io/block/13307440

Miner: https://etherscan.io/address/0xb7e390864a90b7b923c9f9310c6f9...

Has 3% of miner power in the network it seems, fairly big. Seems to only been running since 2021-07-12.

It looks like it's labeled as Flashbots block.

So many people calling this money laundering. The miner sent most of it back already https://twitter.com/cryptocobain/status/1442611045021913089?...

HN irrationally loves to hate crypto.

This right here. It was one of the few ways in BTC where you could launder it and completely break the flow.

Then there was monero and it seemed to scratch the itch a little easier

> UPDATE (6:10 p.m. EST): The majority of the funds -- some $22.1 million worth of ETH -- have been returned to the Bitfinex-controlled wallet. The transaction was sent at 5:14 p.m. EST at a cost of $33.74.

Christopher Harborne is Will Harborne's father and has been involved with Crypto Currencies from the early days. The relationship was covered by Private Eye magazine (ed 1517) on the #Fincenfiles

> The transaction was a smart contract interaction with the amount of tether sent to one wallet before being passed along to Deversifi’s wallet. It used the newly implemented EIP-1559 type of transaction, which was designed to make Ethereum fees easier to predict.

From https://www.theblockcrypto.com/post/118753/bitfinex-just-spe...

More and more, it is revealed that that majority of actors in crypto are either incompetent, scammers, or both.

Well...you won't see that happen in Bitcoin ever.

Wait a minute, aren't transactions fees supposed to be "burned" after the last hardfork? What am I missing?

Edit: Trying to determine if this is a bug or just a misunderstanding on my part.

There is a fee that's burned, but I think sending a fee to the miner as well is still there.

$23.7 million to transfer $100,000. It's becoming a hard sell.

23700% in fees. Suddenly the 3-5% that is insane doesn't feel like that much...

Why is everyone saying this isn't a shady trade when the person who got the $23m is a weird person with a pseudonym in thailand and fueled Brexit? Is it because that guy seems on the level?

Well this happened in a context where fraud and shadiness are essentially the norm, and strict adherence to letter of contract (not intent) is somehow seen as a virtue.

It seems in the latest update that the funds were returned via another transaction.

wait who was the miner? that's quite the claim to make

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact