Hacker News new | comments | show | ask | jobs | submit login
Why Mt. Gox is full of shit (cryto.net)
277 points by klrr on Feb 10, 2014 | hide | past | web | favorite | 134 comments

There's no acceptable middle ground really. Practically every Bitcoin service is full of incompetence of varying degrees. Coinbase for example uses MongoDB for their accounting and apparently was hacked (and the funds returned) as an effect of that. Every other service has issues with the founders (BTC-e is run by who?) or their security record (inputs.io had a cold wallet?) in some way.

You can't trust much in this particular corner of the internet.

You left out Bitomat, the incompetent exchange that deleted their own amazon instance accidentally which contained all their keys, and thus customer funds.

I wasn't aware, that's obscene.

Ouch.. that's worse than being hacked.

Perfect[ish] cover story?

Victims can monitor the blockchain to determine if their coins were spent? (Of the victims know their coins public keys, I guess)

Indeed that's what made me temper it with an -ish. Whilst you can monitor it that doesn't really help if the perps have escaped beyond the reaches of the relevant laws.

How many people are monitoring the blockchain in that way - sounds like an app idea.

Yeah, but the problem is that once you deposit your money into an exchange, you no longer have a public key -- it's all in the wallet of the exchange.

I would submit that Bitstamp is running a very professional operation, and that owner Nejc Kodric is very competent and not at all anonymous. They've been occasionally overwhelmed by large amounts of new clients, but all of my interactions with their support staff have been very impressive.

Through these giant waves of expansion, they've kept their trade engine running quickly (people have described a few brief periods of slower operation, but it never affected me).

A lot of folks discount them because they're in Eastern/Central Europe, but really Slovenia's business environment shares more with Germany than it does the rest of Eastern Europe.

All in all, I think Bitstamp is doing a great job.

Coinbase CEO here - can confirm it was not us.

Checked with the team and we couldn't find any interaction matching that description. http://www.reddit.com/r/Bitcoin/comments/1wtbiu/how_i_stole_...

We work with a community of security researchers who help us test these sort of things https://coinbase.com/whitehat including quite a lot on race conditions. We use a variety of datastores for different parts of the app where they are best suited.

> BTC-e is run by who?

Some people view this as a problem, personally I view this as a benefit. Because of them being a little bit sketchy, they don't ask for ID verification and offer some services, margin trading for example that other exchanges do not due to legal complications. As long as you use it as an exchange and not as storage I think it's perfectly fine.

What is the link between MongoDB and them getting hacked?

The comment was referencing an anonymous whitehat talking about having hacked an exchange for 100BTC due to way the service was doing their accounting. They'd essentially found a race condition that allowed them to overwrite a large withdrawal with the result of a smaller one, affording them unlimited Bitcoin. It was inferred that this was coinbase, though not directly stated I don't think.


Why is MongoDB bad? It's not ACID compliant. It's hard to determine the state of the database with concurrent processes attempting to modify its data. Given the explanation it's fairly clear that it's Coinbase being talked about.


From the world of NoSQL, let me nitpick a bit: You don't need to run ACID software to do safe processing of your transactions (durability and clever business-logic constraints can serve to limit your exposure to losses to finite knowable values, which may be worth it because you can achieve availability and partition-tolerance)... but man, ACID sure makes things a heck of a lot easier, and will save you from many classes of implementation error. Think twice before giving it up. Think more than twice.

(Also, MongoDB is like the worst NoSQL data store out there for a task like this.)

I just want to add that this is obviously true because ACID can be implemented on the filesystem, which is not ACID. So to create a reliable transaction processing system on MongoDB (or any non-ACID system), you would need to build ACID on top of it. And if you're interested in Bitcoins and not database design, that's probably not the right way to go.

And if you build ACID on top of mongodb, then you lose the benefits of NoSQL. Not to mention the immense difficulty of building ACID into your business logic...

It makes sense to use mongodb for commenting system where nobody cares if you lose a comment or certain comments are written before others.

But no competent architect would use mongodb for financial/currency transactions.

If coinbase did use mongodb, it will be inevitable they will have transactional issues. The more popular coinbase gets, the more transactions they process, the more issues they'll have. I don't envy the poor souls that have to track down these kinds of issues...

Well, NoSQL doesn't simply mean "not ACID". There's also other stuff like documents instead of tables and native support for JSON.

On some of them. I have come to call anything that stores data in a non-SQL way NoSQL. Accurate? Probably not, but it sure does seem to bring in those other ones that everyone calls NoSQL for some reason (Redis for example).

FYI: TokuMX builds ACID underneath MongoDB. They ripped out Mongo's storage engine and replaced it with their own. It seems to be faster and it supports ACID transactions.

Not to start a flame war here, but from the perspective of someone with limited database experience, what is the best database out there? I realize that this question is very vague, but is there a best general-use database?

I would use Postgres.

It's not particularly likely to eat your data or kill you as you get started, and the ecosystem is relatively unified which means consistent and generally good best practices documentation. Becoming a Postgres expert could take a lifetime as the database offers an astonishing depth of features, but it won't bite you if you just use the basics. Plus the source is quite good if you ever find the urge to dig deep.

A couple of gotchas might bother you. You'll need to implement your own strategy for upserts if you need those. But you do get robust native support for popular data types commonly seen in today's apps: geographic data as well as document data (via HStore or JSON).

The MySQL/MariaDB family is well-proven as well, but with tens of available storage engines, two core forks, and a bit of non-standard SQL magic sprinkled throughout it's harder for a beginner to learn the best practices IMO.

The challenge comes once you exceed what one machine can do and want to move beyond the simple client(s) <-> (possibly replicated) server model. Keep in mind that depending on your project, this might not ever happen to you. Certain types of mid-sized sites like Basecamp and Stack Exchange have gotten away with throwing bigger hardware at their database systems.

If or when you reach the point where you need a distributed database, you have to choose between consistency and availability. I'll let the experts explain some of those concepts by linking to this excellent article by Coda Hale: http://codahale.com/you-cant-sacrifice-partition-tolerance/ . That's when you'll find yourself in the NoSQL world - many NoSQL databases are useful in that they try to trade consistent for available in some way or another. While they generally fail completely to actually do so, as illustrated in Kyle Kingsbury's excellent "Call Me Maybe" series, the largest -scale systems are all based on a "NoSQL" data store in some way or another.

"Best" is a strong word to use universally, but IMO when in doubt use PostgreSQL. It has a very solid traditional ACID/SQL core and it has also been introducing "NoSQL" style json document storage on top of that for projects that want to go that route. I suspect PostgreSQL will do the the NoSQL type stuff well a a lot sooner than NoSQL databases will do the consistence/durability thing well.

Having said all of that on my personal site I actually use RethinkDB because it is delightfully easy to setup and code against (I just persist my Go structs to the db and don't worry about a relational schema to maintain) and I don't really care about data integrity there, so I don't mind that RethinkDB is relatively new and untested. So one size doesn't fit all, but PostgreSQL is still, IMO, generally the "safest bet" if you do care about data integrity and don't want to spend hundreds of thousands of dollars on licensing to scale it up.

Out of curiosity, is there anything to this pairing of languages with databases presented in the link below? Does each database have its own optimal programming language?


Generally not; though there are some exceptions given the maturity level of the database drivers in any given language. For the most part though, any well-supported programming language should have a mature driver for any well-supported database.

The pairing on Gandi's offer has more to do with which database programmers of a given language are usually more familiar with. Hopefully you can use pgSQL in all three cases :-)

You will likely be happy with PostgreSQL or MySQL. If you don't know why you're not using a SQL database, likely you should be.

If you do want to experiment with NoSQL databases, MongoDB is probably the easiest to get going with (which is why it is so widely used). However, you seem statistically unlikely to be in the group that is happy with MongoDB in production :-)

HBase has a much brighter future for the NoSQL use cases (and is even getting SQL support!)

SQL databases: Postgres unless you have a reason not to.

From the point of view of NoSQL data stores, it'll really depend on your application needs, and I can't give you a full overview, buuuut.... Amazon did a solid job with its DynamoDB database, and Apache Cassandra did a solid job cloning it. I believe I've also heard decent things about the sanity level of Redis and Hypderdex.

DynamoDB was released in 2012, Cassandra in 2008, so it is definitely not a clone of the former :)

It is loosely based on the Dynamo paper like most modern distributed databases, but Dynamo and DynamoDB are very different things.

Riak could be another interesting option in that space. Redis is more adapted for small datasets with high workloads and low durability expectations (i.e. do not host a Bitcoin exchange purely on it unless you really know what you are doing :p).

Unless you really know what you're doing, just use a relational database. Opinions differ, but Postgresql is a pretty safe bet.

+1 for PostgreSQL but only if you learn relational database design (it's not that hard).

Else you're better off with NoSQL (I found CouchDB amazingly easy).

MongoDB isn't the right tool here of course, but the rumoured attack could have been avoided using MongoDB's findAndModify command which gives you the atomicity you need to update a ledger.

The problem here is that developers not taking the time to understand their application and how their tools work. Yes, MongoDB gives you enough rope to hang yourself and I certainly wouldn't suggest using it for a financial ledger, but you could have a durable application based on it if you really wanted to.

However if developers of a financial system cant grasp the need for atomicity in the transaction path then they're going to be buggering things up all over the place.

TokuMX is a drop in replacement for MongoDB and provides ACID transactions, better indexing (fractal tree) and data compression (up to 90%). All without sacrificing performance, flexibility or tool support.

Tokutek engineers are top notch.

And their almost-GPL database code is covered by multiple patents, so don't read it (or even use it? I'm not sure what's safest there) if you ever plan on doing database development yourself. Remember: willful infringement = treble damages.

You may have a good point however the parent thread is about using MongoDB without ACID support and you don't need to read the source code to get over that hurdle with TokuMX.

You can do 2-step commits in MongoDB to make your transactions ACID: http://docs.mongodb.org/manual/tutorial/perform-two-phase-co...

That procedure is ridiculous, and they even admit that it is broken e.g. other callers can see intermediate results.

If you are even thinking about following any of the advice on that page, you are no longer in the MongoDB use case: you plainly need transactions.

MongoDB is not ACID compliant, using it for accounts is like sending off cheques by carrier pigeons.

So all I have to do to secure my data is use an ACID compliant database? Cool!

In case it's not clear to you, there are two reasons that you are getting downvoted: 1. snark, and 2. you are committing the logical fallacy of affirming the consequent. [0]

In particular, dijit asserted that "Not ACID => Not secure" (which is debatable, but that doesn't matter here) from which you can also validly deduce the contrapositive "Secure => ACID". However, you then (sarcastically) asserted that dijit is saying "ACID => Secure", whereas in fact he said nothing like that.

[0] http://en.wikipedia.org/wiki/Affirming_the_consequent

I don't think you understand what is being discussed. ACID compliance has nothing to do with "security". It's a matter of transactional guarantees. MongoDB offers none because it is not ACID compliant. That means that transactions can silently fail, partially commit, execute out of order, etc. This is an EXTREMELY serious and complicated issue. And I would not do any banking, trading, etc on a non-compliant database.

If it helps, you can replace "Secure" with "X" where X is any adjective, and my argument will still work.

Now you're just arguing semantics

Security in the integrity of your data, rather than security from an invader. Also Non-ACID => Non-"Michael Jackson," therefore ACID => "Michael Jackson" is just as wrong, so you're comment isn't really relevant.

You're taking a very restricted definition of "security." I'd say that if my data has a high chance of being corrupted, it's insecure, whether or not there's a malicious party involved or not. For that matter, if there's a possibility of data corruption when there's lots of concurrency, then it's worse than a malicious party, because it's almost guaranteed to bite you when you need to scale quickly, whereas a hacker might not target you right away.

MongoDB is the accepted thing to hate around here.

That being said, I don't think a schemaless database is really appropriate for carefully considered (or what should be carefully considered) financial data.

Why does MongoDB have a bad reputation here?

It's been repeatedly discussed (ad nauseam?) - I recommend checking out hnsearch.com.

I dislike MongoDB, but if I had to try to summarize objectively:

1) It is marketed very heavily, including to use cases to which it is poorly suited

2) It can be very complicated to run in production, I think because it actually wasn't originally designed to be distributed.

3) It has a history of data loss. I think this is because it generally favors performance over reliability, combined with #1 and #2

Because it's pure snake oil. If you got an old IMS hacker from the 1970s he would be appalled at just how primitive it is, but to its cult-like followers it is cutting edge tech and they won't shut up about it.

I have run it in production, thrown over the fence by some dumb devs who believed the lies that "you don't need a DBA". Well you need a full time team and a lot of hardware, and that's comparing it to Oracle.

MongoDB has been marketed as something it is not ,that's why.

Would you care to provide a brief rundown on this? I'm not doubting you. I'm simply ignorant.

What about other NoSQL solutions?

MongoDB is a clever wrapper to a mmap()'d hash table of linked lists of BSON documents that's naive as anything but fast as long as everything's always in memory. (Well, "fast" is a strong word where Mongo is concerned. "not horribly slow".)

MOST other NoSQL solutions actually do things like treat their index differently than their bulk data so that it isn't accidentally swapped out, ruining performance. Many also do important things like supplying durable writes. (Your data may not be consistent at any one given moment, but it'll get there.)

Trust is fickle on the internet. These young, inexperience companies are hurting consumers by poor practises. That however doesn't restrict an experienced party from providing services safely. For instance, we may trust amazon or github and a plethora of other services online. It appears we generally trust them because they have a solid record of support & are transparent about issues. What I'm trying to convey is that a reputable party could in time be a trusted. This doesn't negate an individual from taking protective measures such as paper wallets, vaults, backups and spreading your wealth across wallets. Right now it's a kin to the wild west. And the law-men are coming, they just haven't arrived. I feel in time, the dust will settle.

Trust is a slow process.

Haven't heard of any problems with bitstamp. Did you?

I have not either, beside the usual phishing and DDoS. That said I've not had any experience with them except for hearing the name in passing. Remember that a comment like this is possibly a false positive, they could be incompetent until we know that it's 100% true, we can't ever prove that they aren't incompetent.

I have heard that they are extremely well-run and everything works as it should - however, they ask a lot of questions if you make bigger transactions.

For example, they need to know where do you get your money from, and if it's from mining, they want copies of bills for the mining rigs, and so on.

Maybe, but that's like me calling you incompetent because there is no proof you always are competent.

True, but I'm not handling financial transactions.

It doesn't matter. With your definition of competence no one could be called that way ever.

A measure of competence is usually down to trust and demonstration of experience. We can take blockchain.info, a slightly similar service, and use them as an example. With no other knowledge I can see that their ready to go PHP developer examples have SQL injection vulnerabilities. That's not an issue with the service itself-that's closed source-but we now have a measure of the incompetence of the websites owner. There's no way of knowing what their system looks like internally, but that's enough to make me cautious relying on their data feeds as being 100% reliable.

It's quite possible to demonstrate robust systems.

But you have to have robust systems first.

There is some problems funding for some people, as some banks consider Slovenia to be under financial embargo/blacklist.

There is also the huge problem that they do not have MSB licenses in the US, so it's only a matter of time until Florida or NY sues them, or demands the arrest and extradition of the owners for not complying with US laws yet still allowing American customers.

Bitstamp is outside of NY or FL jurisdiction.

US law changed where nobody is outside their jurisdiction anymore with these new MSB laws, which is why a lot of foreign services stopped dealing with US residents. FL can petition whatever federal government agency to go after them like they did foreign Liberty Reserve exchangers.

Stop spreading FUD. The MSB rules only apply to exchanges incorporated or physically located in the US, including its outlying territories. They don't apply to foreign exchanges, i.e., MtGox or most other current major BTC exchanges.

Foreign services stopped dealing with US residents because last year new FBAR and FATCA compliance rules went into effect, requiring US taxpayers to provide more information about their foreign assets, and the US signed numerous new agreements with most major nations to share data about U.S. account-holders (agreements under which either nation could demand specified information about account-holders in the other nation as if they were domestic institutions) Many European banks stopped doing business with Americans because it was a paperwork nightmare to deal with the compliance.

1 CFR 1010.100(ff). An entity may now qualify as a money services business (MSB) under the Bank Secrecy Act (BSA) regulations based on its activities within the United States, even if none of its agents, agencies, branches or offices are physically located in the United States. Relevant factors include whether the foreign-located person, whether or not on a regular basis or as an organized or licensed business concern, is providing services to customers located in the United States.

The Final Rule requires each foreign-located MSB to appoint a person residing in the United States as an agent for service of legal process with respect to compliance with the BSA and its implementing regulations.

Translation: Bitstamp, if they take $1 from an American customer are now required to register with FinCen, possibly apply for licenses (nobody has figured this out yet at the bitcoin foundation) and have an agent based in the US to oversee legal compliance. I haven't heard of Bitstamp doing this. Use at your own risk.

But Bitstamp isn't in the US, so they don't give a crap about that law.

Just like you don't worry about crazy laws in Saudi Arabia or Kuwait that prohibit drinking alcohol.

US can change their laws all they want, they still can't shut down a bank in Slovenia because it has a British business account.

They can try and press the UK, but that, at best, will only result in Bitstamp moving its headquarters to a different country, which would result in a ton of taxes leaving too.

> US can change their laws all they want, they still can't shut down a bank in Slovenia

They can and do go after banks that have subsidiaries in the US. They also can pressure those banks that don't by going after their affiliates that do.

This is one reason why I think forcing exchanges to register as money transmitters and regulating them as such might have a positive effect.

These exchanges have to have a certain amount of capital set aside and can't simply disappear with account holder's money if they get hacked due to incompetence.

Bitcoin Central is relatively good. They have been hacked before, but the exploit was actually against their hosting provider's dashboard...

I don't think anyone has pointed out that MtGox said "We have discussed this solution [additional hash in the protocol] with the Bitcoin core developers and will allow Bitcoin withdrawals again once it has been approved and standardized." [1] A Bitcoin protocol change like that is not going to happen for a long, long time, if ever so do the math on MtGox's statement and when they will allow withdrawls.

The Bitcoin team did push out a change in 8 hours once for a critical signed/unsigned bug that threatened the whole system [3], but this problem looks to me like NOTABUG/WONTFIX. The transaction malleability is an annoyance, not a real bug. Basically the support team just needs to spend an extra 5 seconds checking a transaction instead of blindly issuing refunds.

My recent article [2] goes into the Bitcoin protocol in great detail if you want to know more about transaction signing, which should help explain technically what is going on with malleability.

[1] https://www.mtgox.com/press_release_20140210.html

[2] http://righto.com/bc

[3] https://bitcointalk.org/index.php?topic=822.0

Denying that this is a bug is extremely disingenuous. It's very clearly a major bug, albeit with a widely known, standard, effective workaround.

Is this an excuse for Mt Gox to withhold coins? Absolutely not. Who knows whether they are giving a big fuck you to the bitcoin community, now that there's little left to lose, or whether they've lost or outright stolen the coins.

These are not all that directly related— they're the start of a set of changes which will probably take us one to three years to fully deploy... what mtgox was talking about in their press releases was just some simple standard way of generating a stable ID, this wouldn't be a protocol change at all... and is only a few lines of code: https://github.com/sipa/bitcoin/commits/normtxid

But whats more important is that this malleability stuff is not very much related to fraud risk, I explained more here: http://sourceforge.net/mailarchive/message.php?msg_id=319565...

Of course Gox is full of shit, anybody see his php ssh implementation? Karpales is a guy who rolls his own crypto everyday and has no idea it's completely flawed, and when you point out the flaws he doesn't believe you and uses it anyways.

He's a cancer and nobody should be using MtGox. You're supposed to trade coins in IRC decentralized using the web of trust, or localbitcoins in person. Exchanges should only be used if you have a business bank account and are on first name basis with the guy who runs Bitstamp or Cavirtex on IRC otherwise you get delays and holds for identity verification, limits, other problems like your bank freezing your account when they notice wires going to Slovenia too often.

*Edit Gavin just posted a response on the bitcoin foundation blog, confirming Gox is indeed full of shit.

Anyone who uses Mt. Gox is a fool, especially after the first few security issues. Hearing about further issues in terms of security, etc is sort of like hearing the wailings of a person whose spouse is cheating on them... for the 5th or 6th time. At some point, the victim only has themselves to blame.

Literally 2 days after I registered on Mt Gox (2011), I got this email: "[Mt.Gox] Account database compromised". I'm glad if they're going away. I've never trusted them since.

One interesting aspect of this whole ordeal is the fact that, thus far, exchanges' prices have depended on each other. That is, a huge sell order on Bitstamp will more or less immediately affect the price on BTC-E, MtGox, etc. (The exception seems to be Coinbase, which seems to use some kind of exponential weighted averaging, but even Coinbase will get dragged down if the price drop is dramatic enough.)

If people lose all confidence in Gox, but still retain faith in other exchanges, then that means we're going to witness MtGox's price drop while the other exchanges' prices rise. However, this becomes an economic opportunity for anyone who wants to do arbitrage between exchanges. Therefore it seems like the prices won't ever diverge too much.

The conclusion, it seems, is that no matter how bad one exchange is, it will simply drag the overall price of Bitcoin down across all exchanges rather than suffer punishment as an individual company. The fact that arbitrage is doable seems to give MtGox some insulation from consumer outrage.

This poses a question: Is it true that as long as an exchange keeps functioning, then it's "here to stay" no matter how badly they behave? Is there any way that an exchange could go out of business from nothing more than consumers losing faith that one exchange?

The exception seems to be Coinbase

Coinbase isn't an exchange. They are a dealer. When you buy or sell on Coinbase your are interacting directly with Coinbase. You trade with them at their discretion. There is even some jargon about Coinbase being able to "cancel or reverse potentially high-risk buys or sells of bitcoin", though it isn't clear what high-risk means from the context. See section 3 of their user agreement.


I'd have to say Coinbase is pretty bad too. From personal experience, a couple months ago, almost every time i've bought at a low, they've canceled the transaction because it was deemed to be "high-risk."

Prior to that, i'd buy some coins and they'd wait until the price dropped quite a bit to "complete the transaction." And i'd contact them again and again and it would take them a week to get back to me as the transaction was pending.

You can't do arbitrage on Mt Gox though because you can't get any money out. That's the whole reason the price discrepancy exists.

Why can't you get the money out via a Japanese bank account? They claim to send funds to those within a few days.

Is is supposed to be easy to get a Japanese bank account if you've, say, never been to Japan, and don't speak Japanese? Honest question...

No, you need some level of residency. Maybe it could be worked around by incorporating in Japan and getting a business bank account. I think Gox can do withdrawals to Polish banks too, but unsure.

You can as long as the arbitrage doesn't always go one way, but you have to tie up additional funds.

Arbitrage if they're willing to take the additional risk. Which, if priced in correctly at MTGOX, will even itself out.

Correct. Hence the higher USD price of BTC on MtGox. The extra price represents the opportunity cost of having to wait 3 months to withdraw fiat. Simply said: ''I'll only sell my BTC on Gox if i get more than on Bitstamp - because ill have to wait a long time to get access to those dollars''.

Gox will lose market share. While prices may remain the same across exchanges, the volume will decrease significantly for Gox. For an exchange to go out of business, you don't need the price on that exchange to go down. It will just lose customers and that's it.

> Is it true that as long as an exchange keeps functioning, then it's "here to stay" no matter how badly they behave?

No, and that's evident by the fact that Mt.Gox has been losing market share steadily since their withdrawal problems started. People are leaving Mt.Gox but at a very slow rate because there is a limit of outgoing transfers like 100-200K EUR/day so at most they lose something like 6M worth of deposits every month. If they solve the withdrawal problems right now I'm pretty sure people will forget about all the issues over the years and will happily trade at MtGox again. But if the problems continue for 1 more year, I think Gox will be pretty much dead.

Interesting. Would one gamble with arbitrage knowing that they might not get their money, though?

Realistically, Mt. Gox have said they won't allow withdrawals indefinitely. They know that fixing this issue — known since 2011 — is going to take time. It's already been 3 years with no fix.

This is their get out of jail free card, giving them as much time as possible to work on whatever they need to do to get things back to normal... if they even want to.

For serious arbitrageurs the divergence happened a while ago -- dollars and GoxBucks are not the same.

The candlestick charts are not telling a pretty story about trust right now. Bitbugs keep the faith and talk about buying with blood in the streets since it always bounces back, but every flash crash comes with a worse story.

The headline is "Largest Bitcoin Exchange Doesn't Understand Bitcoin"

What hope do retailers and any but the very-technical have in managing the risk implicit in digital currencies?

Not to mention, seeing supporting forum posts where people are discussing the parts of fractions of coin being sent around... do people really think 8-10 digits past the decimal can hope to be manageable for consumers? It's bad enough to deal with Yen conversions.

Please tip your server .00343874938239487 bitcoin. When 15% of the value can evaporate while business is happening... when do you bill the customer for lunch? When they order?

News flash: people don't like to admit they are wrong. They will find ways to rationalize their actions to fit a model where their fears of being wrong are temporarily alleviated. Unfortunately most people don't realize it's more work in the end to deny being wrong than just coming clean.

We've been through this several times with Mt. Gox. It's time for everyone to STOP using them and start using something else for trading. Continuing to use them and making rationalizations that things will 'get better' will only result in a global case of cognitive dissonance.

They are threatening an ecosystem that is important and which has a large potential value. In my opinion, they need to be removed from that ecosystem.

Not wholly surprised here. As a side note, I wish it was easier to move coins out of mtgox. They require "verification" to even transfer coins to another BTC address at this point, which means sending them proof of identity and proof of address. I'm not against identifying myself but given their absolutely abysmal security record and repeated demonstrations of incompetence, I'm loathe to send them anything even remotely sensitive. which leaves me in a bad position where I'm stuck with coins I can't even access...

Ugh. Local wallets, people. Local wallets.

Let this be a warning to everybody with bitcoin in wallets they do no absolutely control, for example, Coinbase - you can and almost certainly will lose them at a moment's notice, sooner or later.

I feel really sorry for those with funds tied up with MtGox. It was only recently where I used MtGox to store most of my bitcoin and I am lucky to have decided to move them all to paper wallets.

This demonstrates one of the biggest issues holding back widespread adoption of bitcoin, the ability of the layperson to securely hold large amounts of bitcoin.

Mt. Gox is indeed full of shit. As I understand the issue, due to their bitcoin implementation, there is a possibility that someone would send bitcoins from their Mt. Gox. account to a wallet, than alter the signature of the transaction, and than claim that the transaction did not go through and contact support to request the funds to be resent.

Here are 2 easy solutions to this problem which do not require anything to be done by the bitcoin community, and could be exacted by Mt. Gox today:

1. Allow all transactions to go through as before, but state clearly that if your transaction does not go through after being submitted, it will take a long time to clear the transaction, because it will have to be checked by hand. Assuming that 90% of people are not planning to scam Mt. Gox, 90% of people would be able to get their money. The remaining 10% would have to wait a bit longer while Mt. Gox checks transactions by hand.

2. Alternatively, write a system were a user can request to withdraw bitcoins. The Mt. Gox server first generates a new wallet, than transfers the BTC to that wallet, than send the user the public and private keys for that wallet. Assuming that the user (for good reason) does not trust Mt. Gox, they than can simply transfer the BTC from a temporary wallet to a permanent one.

My experience exactly. I was just buying a hundred bucks worth of coins, and I had to suffer through inexplicable delays, error messages that were obvious lies, the list goes on and on. Incompetence is one thing ("sorry about the hassle, but look aren't we cheap!") but trying to obfuscate the real reason of problems is just a huge red flag.

I'm in Europe, and I like Kraken very much. blockchain.info recommended them.

FTA: "The time to stop using Mt. Gox has been long overdue. Move your business to a more serious exchange, one that is willing to admit their failures, should they occur. One that has the best interests of the entire Bitcoin ecosystem in mind, rather than their own bottom line."

Yes. I'm shocked this hasn't happened already, since this seems like a textbook instance of where the unrestricted free market should correct ignorant or malicious behavior by a bad actor.


Just because the free market works well (on the whole) doesn't mean it works instantly. We're seeing the correction underway, and this thread is part of it: people are identifying a bad actor, having sensible discussions about the problem and alternatives, and are transitioning to more suitable actors while those being abandoned over time are discovering the error of their ways and either correcting the problems or are getting/pushed out.

You'd rather place the process in the hands of people no more competent or interested than those already involved? and do so by threat of force?

Mt Gox is already bleeding to death; it's just in slow motion because the same problems that make people wont to leave make it hard to leave. The over-valuation of BTC at Mt Gox (until recently) is evidence of capital flight through BTC due to their USD withdrawal problems; it's apparently turned around just now since the new BTC restrictions are even worse (and there's some fiat currencies--like the Yen--where you can still get money out.)

Either way, MtGox has been consistently out of line with market price, in a market with plenty of arbitraging, indicating that they have problems and people know it.

I don't know how to get easy numbers on exchange volume over time, but I do know that Mt Gox has fallen from the obvious top exchange to a solid third over the time I've paid attention (maybe half a year.) Why they still have any decent volume, I don't know; inertia, people still cashing out or waiting for Mt Gox to improve, suckers lured by the arbitrage opportunity, perhaps the Japanese domestic market (they're the only Yen exchange). I know I wouldn't touch the place with a 29.5 foot pole.

Keep in mind that if the market was free, US and EU would be full of bitcoin ATMs and there would be several working exchanges in every country. So if someone had a slightest problem with MtGox, they'd easily switch to another exchange already.

However, in reality there are huge obstacles to moving fiat money around and the market is simply not allowed to improve liquidity how it desires.

I'm not sure if you're being sarcastic or not but why do you believe the "US and EU would be full of bitcoin ATMs and there would be several working exchanges in every country" if the market was "free" ?

That seems an incredibly preposterous statement to me. Also why isn't the market free exactly?

Sometimes I feel bitcoin people live on a different plane of reality.

You probably did not notice, but here are some of "chilling effect" news:

1. http://www.forbes.com/sites/kashmirhill/2013/08/12/every-imp...

2. http://blogs.marketwatch.com/thetell/2013/08/30/bitcoin-exch...

3. http://www.businessinsider.com/charlie-shrem-arrested-bitcoi...

4. http://fincen.gov/statutes_regs/guidance/html/FIN-2013-G001....

5. http://www.nbcnews.com/tech/tech-news/bitcoin-goes-mainstrea... - scanning hands of the customers to protect ATM from raid. etc.

If you are a merchant slightly interested in Bitcoin, your concern number 1 is "is it legal? Won't my taxman hit me with huge fines so I have to close the shop just because I did something suspicious?"

If you are a guy building an exchange your concern number 1 is "won't I go to jail for 'laundering' money for some guy who then goes and buys drugs elsewhere with coins he bought through my service". Also: FinCEN tells you to get "money transmitter" licenses in 48 states which is VERY EXPENSIVE, so only a few guys are allowed to even try.

If you are a guy with an ATM, your concern number 1 is "won't they confiscate it for investigation for several months and put me in jail meanwhile for aiding terrorists and child pornographers?"

There's a lot of pending demand to do anything related to Bitcoin. And the reason it's not serviced yet is a big legal concern and very-very-very harsh law enforcement behaviour. If you are a suspect, you've already lost. Even if you are free to go later, you already lost time, money, opportunity, some property etc. You simply can't do business in such landscape.

Free market would mean that there's no uber-controller over the entire property of the whole multi-state country. If every shop owner is free to own his piece of land how he wants and resolving disputes directly with anyone who's concerned, then you could see many more bitcoin ATMs and other businesses. But currently you are at a permanent risk of well-equipped guys with guns coming to you and taking your stuff and yourself, just for doing something innocent which is not yet explicitly allowed.

A free market isn't just one with lower amounts of regulation but also one where regulation is applied indiscriminately to all participants. Many bitcoin exchanges have only been viable because a they did not yet have the same regulation applied to them as is applied to "fiat" exchanges. There are necessary regulations for how exchanges or ATMs work, what sort of reporting they need to do, and what sort of safeguards are in place to protect customers from fraud and loss. And there is a lack of financial professionals who believe in bitcoin enough to help adequately build these systems, and of course far more importantly, a huge lack of demand from the general population.

By your logic, if His Majesty The King applies his laws equally to everyone, then it's a free market?

Any organization which is tax-funded has inequality and discrimination built in. Some are net tax payers, others are net tax receivers. Then, net tax receivers dictate why it's good and honest for them not to pay, but receive and why it's good and honest for them to extract payment from others. And under what "regulations". Obviously, tax-funded regulations cannot be applied indiscriminately to all participants.

Free market is not about equality. It's about ability to protect property against anyone's opinion. Bitcoin and the internet themselves are a fine example of a nearly free market: no matter what you think of me and no matter what I think of you, we both can avoid each other and no one can take each other's coins. But if we don't have such technology and have to keep our cash in a bank, then we both depend on someone's opinion how the money should be used and how much we can spend and where.

The problem with MtGox is that they are preventing the switch. In a totally free market, that would be the standard scenario--as soon as an exchange got large enough, it could (and would) simply halt outbound transactions because there wouldn't be any regulations requiring it to switch (and economically, at that point it would be better to prevent outbound transactions than to compete for new business).

One of the problems with people advocating for a free market is that they don't understand what it really means: might makes right.

1. What exactly does MtGox prevent? I never used it, never relied on it and almost all of my friends don't care about MtGox. Yet all of us were able to buy, sell, trade and write software for Bitcoin without a problem.

2. Free market for me is about protection, not aggression. Bitcoin network is a free market in a sense that everyone's property is very cheap to protect and very expensive to extract. No matter what I think about how government should work, your BTC is safe and same for my BTC regarding your opinions. We simply have no other way, but to stop arguing and start cooperating voluntarily or just ignore each other. With BTC scripts we can fully insure our contracts without any need for neither "law", not its "enforcement". You can be very-very rich guy, but it still will be more expensive for you to steal my coins than just to trade honestly.

Expanded argument: http://blog.oleganza.com/post/71410377996/crypto-anarchy-doe...

1) MtGox currently prevents outbound transfers of Bitcoins, and limits conversions into real currency.

2) Using your own personalized definition of free market changes the discussion. "Free market" isn't about protection or aggression, or power of any kind. The common definition is that that the market is free of external influences, so that market forces determine all outcomes. Indeed--by the common definition of "free market" Bitcoin is the absolute opposite--it's the pinnacle of socialized currency: everyone owns the currency and everyone is responsible for protecting it. BTC scripts don't eliminate the law or its enforcement, they become the law. (Law is simply regulation--in whatever form it takes place. For example, in the US law is both statutory, case-based, and practice-based, depending on the context.)

Ah... you just learned something, free markets and "capitalism" are related but not the same.

  > "...rather than their own bottom line."
So much for capitalism I guess...

Trying to find an European alternative. Suggestions next to https://localbitcoins.com or http://www.coinnext.com/ ?

Today's price fluctuation only proves that people do not really understand how Bitcoin works. Many keep all their coins on the exchange because they got used to the traditional banking. MtGox says "it's a fault in the protocol" and people sell off in panic. Thankfully, over time we have more exchanges, more different implementations, more and better educational resources to learn about real risks of Bitcoin. Meanwhile, smart people pick up cheap coins while they can.

This article seems rather biased and brings in lots of past problems at Mt. Gox rather than focusing on the current issue - perhaps because a more detailed explanation of the current issue would reveal that this problem goes beyond Mt. Gox. There is a disturbing tendency among some Bitcoin partisans to instantly dismiss any issue that comes up as being well-known and well-understood, even if "well-known" means that it was posted somewhere on a message board read by few.

If it goes beyond Gox, why are other exchanges operating seemingly with no problems? Bitstamp is a good example of a well run exchange. Gox has been mired in self inflicted problems for many months.

From my understanding, workarounds do exist for the issue, and some exchanges probably have implemented them. However, the issue goes beyond Gox in the sense that without those workarounds in place, any exchange could be vulnerable.

the official Bitcoin daemon (bitcoind) does not rely on a transaction ID to determine if a transaction succeeded

Sooo how does it do it? How does it determine a unique transaction id?

It tracks the coins you were spending when you made the transaction.

IIRC it sends some money back to you at a new address that you know about.

>Their implementation, against all advice, does rely on the transaction ID, which makes this attack possible.

I think a lot of the comments here and especially the article detracts from the discussion. The article seems to go on a rant of all the other mistakes mt gox make rather than addressing the issue.

What is the recommended solution by bitcoin implementers to verify a transaction succeeded, with transaction malleability existing ?

Why do these services exist at all ?

Cannot the bit coin protocol be used by end users with full features without a third party "wallet" service ?

Are these services purely for people that don't understand files and encryption utilities ?

I do not use bitcoin, but if I did, I assume I would just protect and back up those computer files like many other extremely valuable computer files I have.

What am I missing here ?

These services generally provide a service that is not part of standalone bitcoin, whether that is a payment API which generates addresses and verifies transactions for customers, an exchange to trade and value bitcoin based on fiat currency, or a user-friendly wallet that allows access from anywhere with internet access and bypasses the need for a user to download and update their own copy of the blockchain. (The blockchain is pretty large. It currently sits around 13GB and is always growing.)

There are also end-user applications like Armory, which are meant to manage and secure a wallet on an end-user's machine, but its inevitable that people will use online services for foreseeable future.

There are clients, like Electrum and MultiBit, that don't require downloading the whole blockchain. The average person should be using these, IMO, not trusting any e-wallets.

Mtgox is an exchange, so think of your stock broker. You wire your broker/brokerage a pool of your money, and shuffle it around in the brokerage among various assets. If you like, you can put more in or take some out, but the brokerage generally holds your assets while you are trading.

Exchanges are for trading and speculation.

because getting coins used to be much easier a couple years back

Not mentioned in this post is that during that hack where hashed passwords were released, Mt. Gox was using md5. What jokers.

Hacked bitcoin exchange patforms, its not the point the structure, there cs or a bug in the bitcoin system.The big players have to coopered to avoid the unlimited use from the fed of fiat money to buy bitcoins and attac the big .platforms on using a extreme blow off

I wonder which side is actually telling the truth...

If you'd like an in-depth discussion of what Mt. Gox has screwed up and how:


They didn't discover anything - they were warned, quite some time ago, that they were not correctly spending and opening themselves up for double+ spends due to their own misunderstanding of how to reliably track a spend (compounded by their coding errors).

Are you serious?

the justin bieber of bitcoin exchange

In case anyone needs a reminder:

Magic The Gathering Online Exchange.

Chase Manhattan, they are not.

They don't seem too dissimilar.

JP Morgan Chase started as The Manhattan Company (http://en.wikipedia.org/wiki/The_Manhattan_Company). Formed to provide a clean water supply instead the owners took 95% of the $2 million to form a bank and created a system of waterworks that caused massive cholera outbreaks ... I don't think MtGox has killed anyone yet, though I've been convinced for a time that they've probably made-off with a lot of the money.

JP Morgan Chase aren't exactly trustworthy either, motivation based on pure financial profit will do that - a synopsis of some of their major indiscretions: http://www.icij.org/offshore/jpmorgan-chases-record-highligh...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact