
I will point out that MtGox did not use bitcoind (the official Bitcoin client), instead writing their own. However, even that would not have allowed attackers to withdraw more than they should.

What can happen is that the Bitcoin network fails to confirm a transaction. This can happen for various reasons, but a fairly obscure one is that someone on the network can mangle the transaction, changing its transaction ID without changing its signature. The transaction will actually go through, but with a different ID. The way to get around this is to keep track of what money you're spending and to whom, just like a normal ledger.

Because transactions aren't necessarily guaranteed (they're just very likely to happen, if accompanied by a fee), MtGox implemented logic to allow them to mark a transaction as not having taken place in their internal record-keeping, and generate a whole new transaction, with the money coming from a different source. This may have been an automatic process.

The thing is, if someone had mangled the transaction, MtGox would not have picked it up as having happened - because rather than keeping track of what money they'd spent and to whom, they kept track of transaction IDs - and sent more money to the attackers. This may have happened multiple times.

What they should have done is simply re-sent the exact same transaction (same money, same recipient) if it didn't go through. If it doesn't go through after several retries, that's a technical issue that should be forwarded to a developer who can look at the blockchain and see whether the money was actually spent.

This is, therefore, a cascading disaster, but a very preventable one. It started with MtGox's developers not understanding the bitcoin protocol correctly, but that in itself wouldn't have been a problem. It's what they did in a failure scenario that was the problem; if a transaction didn't go through, they simply attempted to spend different money (think a completely automated "I can't seem to spend out of one bank account, so I'll spend out of my other bank account"), and they didn't throw an error back to a human. This should never be done in financial software.

The long and the short of it is, don't trust developers who've never touched financial systems to develop closed source financial software.

This can happen for various reasons, but a fairly obscure one is that someone on the network can mangle the transaction

If it's a way to swindle people out of thousands, or hundreds of thousands, of dollars, then people are going to drive truckloads of money out that hole. It goes from "an obscure case" to "holy hell people are just stealing all our money".

Yeah, thing is, as I explained towards the bottom of the post, it was this in combination with their failure mode that caused people to be able to steal all their money.

If they had a sane failure mode, this would never have been a problem, even if they completely fucked up their understanding of the Bitcoin protocol in incomprehensible ways, or if there was a bug in the Bitcoin protocol that nobody was aware of.
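The two failure modes contrasted in the first comment and again in the reply just above (bookkeeping keyed on transaction IDs plus "spend different money on failure", versus a ledger keyed on which outputs paid whom plus "retry the same payment, then escalate") can be shown side by side in a small simulation. This is an added example, not code from the thread, MtGox, or bitcoind: the `Network`, `Payment`, wallet classes and the `run` helper are constructed stand-ins, and "malleation" is modelled simply as a change to an unsigned field that alters the hash without changing what is paid.

```python
import hashlib
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Payment:
    inputs: tuple      # outputs being spent, as (txid, index) pairs
    recipient: str
    amount: int


def txid(payment: Payment, variant: int = 0) -> str:
    """Hash of the serialized transaction (toy model). 'variant' stands in
    for unsigned encoding bytes a relaying node may rewrite."""
    body = json.dumps({"in": payment.inputs, "to": payment.recipient,
                       "amt": payment.amount, "v": variant}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


class Network:
    """Constructed stand-in for the Bitcoin network. Confirms payments and,
    if malleate=True, rewrites each one so the confirmed id differs."""

    def __init__(self, malleate: bool = False):
        self.malleate = malleate
        self.confirmed = {}        # confirmed txid -> Payment
        self.spent = set()         # outputs already consumed

    def broadcast(self, p: Payment):
        if any(o in self.spent for o in p.inputs):
            return None            # rejected as a double spend
        tid = txid(p, variant=1 if self.malleate else 0)
        self.confirmed[tid] = p
        self.spent.update(p.inputs)
        return tid

    def has_txid(self, tid: str) -> bool:
        return tid in self.confirmed

    def has_payment(self, p: Payment) -> bool:
        """What 'looking at the blockchain' means here: did these inputs
        pay this recipient this amount, whatever id the network gave it."""
        return any(q == p for q in self.confirmed.values())

    def paid_to(self, recipient: str) -> int:
        return sum(q.amount for q in self.confirmed.values()
                   if q.recipient == recipient)


class TxidWallet:
    """Unsafe pattern from the thread: track by the locally computed txid;
    on a miss, mark the withdrawal as never happened and spend another coin."""

    def __init__(self, coins, net):
        self.coins, self.net = list(coins), net

    def withdraw(self, recipient, amount, retries=3):
        for _ in range(retries):
            p = Payment((self.coins.pop(0),), recipient, amount)
            local_id = txid(p)          # id as computed before broadcast
            self.net.broadcast(p)
            if self.net.has_txid(local_id):
                return "ok"
            # looks failed, so the next loop spends a different coin (the bug)
        return "exhausted"


class OutputWallet:
    """Ledger pattern: retry the identical payment, decide by what was
    actually spent, and escalate instead of switching inputs."""

    def __init__(self, coins, net):
        self.coins, self.net = list(coins), net

    def withdraw(self, recipient, amount, retries=3):
        p = Payment((self.coins.pop(0),), recipient, amount)
        for _ in range(retries):
            self.net.broadcast(p)       # same inputs: at most one can confirm
            if self.net.has_payment(p):
                return "ok"
        return "escalate"               # hand to a human, spend nothing else


def run(wallet_cls, malleate, amount=10, retries=3):
    """Returns (status, total actually paid to the recipient)."""
    net = Network(malleate)
    coins = [("coin%d" % i, 0) for i in range(retries)]   # constructed UTXOs
    status = wallet_cls(coins, net).withdraw("customer", amount, retries)
    return status, net.paid_to("customer")


if __name__ == "__main__":
    for cls in (TxidWallet, OutputWallet):
        for m in (False, True):
            print(cls.__name__, "malleated" if m else "honest", run(cls, m))
```

On an honest network both wallets pay 10 once. With malleation, `TxidWallet` never sees its own id, exhausts its retries and has paid 30 for a single 10-unit withdrawal, while `OutputWallet` recognises the malleated transaction as the same payment and stops; had it genuinely not confirmed, it would return "escalate" having spent nothing further, which is the human-in-the-loop outcome the comments call for.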
