Hacker News new | more | comments | ask | show | jobs | submit login
Ask HN: Where are the 750k Bitcoins lost by Mt. Gox?
218 points by pmcpinto on Feb 28, 2014 | hide | past | web | favorite | 195 comments

In November of 2011 Mt. Gox demonstrated control of 500k BTC.

I followed the 500,000 BTC for a bit beginning at https://blockchain.info/tx/b269bf1b82dae8a61f7f91dbf7a9d807e....

The coins move around and small amounts are sent away, but the majority ends up back in Mt. Gox's main (hot) wallet. This repeats a few times until the majority is paid back to the main Mt.Gox address.

Here is the transaction where it starts to get interesting:


What's left of the 500,000 (429.9k) is split into roughly half and sent to 2 new address. And then each of those address splits the coins in half and sends to two new address.

The end result is that the 429k was split again and again until the funds are split into many addresses, each of which now contain less than 1,000 BTC each. I stopped following the transactions there.

Why take 429k and split it into many addresses each containing less than 1,000 BTC each?

I'd like to see someone trace all of these coins and see if they end up coming together somewhere or show a pattern.

It would be interesting to put these transactions, or the whole blockchain, in a graph database like Neo4J. Dealing with it as a graph would make it easier to find the sinks for all the transactions that started from that wallet. It would also be interesting to look at deviations from the historical statistical distribution in the aggregate of these transactions as a function of time, that would show when a single actor moved a lot of bitcoins even if it is allocated among many addresses. I would bet that the thieves didn't bother to match their transactions with the background statistical distribution.

Visualising it in something like KeyLines (http://keylines.com/) would be awesome.

Couldn't find a single download link or pricing/buy link.

It's under Pricing in the FAQ page (the gist: contact them via the contact link to discuss a price, because it's apparently too complicated to estimate), but yeah, the FAQ seems like rather an odd place to relegate such an important aspect to.

A quick translation: "pricing not on the front page, because contact us" -> "we have an enterprise sales model, which means that if you won't pay six figure prices, forget you ever saw this product".

Not always literally true, but a good rule of thumb; you can't really sell $100-$1000 products that way, the cost/time of salespeople doesn't work out in that case.

Perhaps it's under the frequently asked questions because no one can find the bloody thing. Thanks for pointing it out though.

I followed until this far


And it goes back to MtGox address. What?

Following another chain and ended up here


Same. Goes back to MtGox.

Edit: Guys, the original address. The one which contains the MtGox coins. If you track any large transaction. > $30k, even the recent ones. They follow the same pattern. Split into two. And they all end up in pretty big wallets.

As much as I want to call it a witch hunt, there seem to be some patterns (I may be biased as I do want this thing to end up in positive). There's still so much information missing.

I'm a bit new to bitcoins, but is it technically possible for the bitcoins community as a whole to make a blacklist of bitcoins addresses and "ban" the stolen bitcoins ? Such blacklist would daunt robbers and enforce public trust in bitcoins.

This is not technically speaking impossible, but the Bitcoin community has a visceral hatred for the idea, because it allows off-blockchain-entities to effectively deprive them of the use of their coins. It also undermines trust in the currency generally, since why accept Bitcoins if there is the possibility that you'd be paid with black Bitcoins instead of white Bitcoins, when you're practically speaking guaranteed that all dollars are green.

Also "Take all the coins that went through Silk Road. Now, floodfill forward." (probably) colors most of the network black.

Since the blockchain is a consesus of a majority of miners, could we not roll the blockchain back to before Mtgox screwed the pooch?

Nobody who sold anything for bitcoin since before the rollback point would consent to this.

Well, the supply of BTC is finite, so simply excluding stolen BTC's has some additional problems. May be better than not addressing it, but while BTC provides a mechanism for following them through the transaction chain, it's not that simple to ID what addresses contain "stolen" BTC. What if the thieves are able to launder them through unwitting proxies? For example, steal a bunch of BTC, sell them on another exchange immediately, and now, how do you blacklist those "stolen" bitcoins without screwing over an innocent bystander?

Because transactions are recorded in a public blockchain, couldn't that be a big downside for anyone accepting bitcoin whether or not the coins appear on a blacklist/warning list. If a sending wallet address is associated with some contested activity (e.g. someone getting sued, or indited), I could imagine that those BTC could easily get swept up in the legal actions to unwind or resolve the activity.

This vs accepting cash which is fungible, and would need some other evidence associating the buyers money with the contested activity. At least the resolution activity there would likely be stopped at one level from receiving the cash, but with BTC, you happen to be able to track that one specific coin right through multiple layers of transactions. I can see lawyers tracking all the way out to the current holder of a given BTC.

edit: Upon a bit more side reading, I think the tracability of a given BTC is a bit overstated here.

That is assuming you can "blacklist" addresses before the transaction takes place. Or they could just create a new BTC address.

I'm pretty sure your logic is flawed. Someone is already screwed, its sort of why police can confiscate stolen goods even if you paid for them.

I'd like to know if it would be feasible to regulate in someway to claim ownership of said coins and have them returned should they turn up in some sort of regulated clearing house / exchange. Caveat: I know this is in no way possible right now, yet as soon as this block chain gets large enough we are going to have some form of centralization going on, and with that I am certain it will be regulated in some way eventually. That is, if it lasts that long.

What exactly is the plan to deal with a multi terabyte block chain anyways?

Are coins able to be differentiated from a wallet?

Sometimes, yes. Not always - it depends on how the transactions inside the wallet are organised, which is not usually displayed unless you go looking for it.

Not that it matters - if 100BTC go into a wallet, and an hour later 100BTC comes out of that wallet, it's fairly irrelevant whether or not they're the same coins.

Well, it does matter - if 100 stolen BTC go into a wallet that has 900 BTC already, and then 1000 deals of 1BTC go out to different wallets... then you blacklist and seize all 1000 outgoing BTC or some arbitrary 100 BTC or some specific (how) 100 BTC?

It would be possible if enough miners started supporting a blacklist, but the real problem is not enforcing it, but who decides which coins are "stolen"?

Bitcoin is decentralized, and that's the benefit of it. Creating a global block list would go against that.

Others have proposed such measure. And it sounds like a good thing on its face.

The problem is that who then decides which coins are "bad"? Does the US Government get to decide? How about coins that fund organizations that the US Government doesn't care for?

My personal opinion is that no bitcoin should ever be tagged as better or worse than any other one. By messing with the fungibility of the currency, we would do way more harm in the long run than good.

In principle everybody can decide for themselves which bitcoin they are willing to accept (there's no need for a central authority to do this).

If enough participants agree that bitcoin from a certain source are 'tainted', they become less valuable (similar to what we have seen at the Mt Gox exchange).

Bitcoin are very clearly distinguishable and thus there's no reason for them to be long-term fungible.

But what if I steal a Bitcoin and exchange it directly to USD. If the coin is banned later my counterparty, who acted in good faith, is left with an empty bag.

In that case, it's like any other stolen good. If you accept stolen property, you don't hold title to it, whether or not your intentions were honest.

Traditionally, this is not the case with money. The money asset is different from all other assets in this respect. This matter was settled in Scotland over 300 years ago. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2260952

The result is that even if you can prove that someone else holds a dollar bill that was stolen from you at some point, you do not necessarily have the right to get it back.

See also the Wikipedia article on the principle of "Nemo dat quod non habet" ("no one gives what he doesn't have"): http://en.wikipedia.org/wiki/Nemo_dat_quod_non_habet

Until Bitcoin is legal tender, it's more like a commodity than money.

"legal tender" is a strange concept. For example, £5, £10, £20 and £50 notes are not legal tender in Scotland. But I don't think most Scottish people consider those notes to be "more like a commodity than money."

Great. Go steal some Bitcoins and have some fun then.

I'm not sure what happens if stolen Euros or gold are accepted as payment. These aren't legal tender in the US, so if they are exempt from the aforementioned rule, then bitcoins might be as well.

So now both the BTC and the USD are now stolen? You mean that conversion doubles the number of stolen goods?

This is no different from real life scenarios. Suppose someone stole a $5000 ring, sold it for $2500. The ring is still stolen, the police can and will confiscate the ring, so the buyer is out of the $5000 ring and their $2500 paid for the stolen property. The ring is stolen from the owner, the money is stolen from the buyer.

If the police confiscate the ring they will return it to the original owner, they don't just keep it.

Yea--keep the loot; won't bother to retrieve stolen bikes at flea markets; cruise the streets looking for marginal DUI's; always handing out tickets for marginal infractions. I look at them as Tax Collectors. For protection, I would have more luck printing out a Physibe gun.

I think that would depend on jurisdiction but I don't think reclaiming would be workable in this scenario.

Imagine this: I exploit malleability and deposit directly in my BTC-e account, exchange to LTC etc, etc on dozens of exchange and finally to USD. I cash out to cash and disappear. I of course gave my final stop false information. So now my last victim gets a claim, if this last victim happens to be an exchange and it is forced to pay up and the amount is somewhat significant that exchange is now insolvent. Whose problem is that? The exchange declares bankruptcy and their customers get a haircut.

This won't happen, it does more harm than good.

You're describing money laundering, which scrubs the stolen property of its association with a crime. Its a technique which can obviously be successful, but is a crime in its own right.

The main issue here is that once a Bitcoin enters a wallet, it's indistinguishable from the other BTC in that wallet. So you'd have to blacklist whole wallets, and since you can't deny payments, people possessing stolen BTC would simply tip anyone trying to enforce this scheme.

while in theory possible, this approach has not been done because it is said to be a slippery slope down the lines of being against "bitcoin neutrality".

once the feature exists to treat one set of coins different from another, it leaves the protocol open to control by centralized parties - they could ban the use of "unidentified coins", etc.

Absolutely impossible. One of the major positives of bitcoin is that accounts cannot be frozen by any authority.

Making arbitrary decisions to ban bitcoins seems fundamentally antithetical to the whole exercise.

Impossible. You'd have to somehow convince ALL miners to not process them.

Fungibility prevents you from simply blacklisting these coins.


Actually you just need to update the code and push it via the update mechanism.

Code of what? Bitcoin is not one central code base with a global update system.

> Why take 429k and split it into many addresses each containing less than 1,000 BTC each?

Ever heard the adage "Don't put all your eggs in one basket"?

It's possible that MtGox used to operate everything from a single, large wallet but decided to split it up into lots of smaller wallets, to avoid the risk of suffering a single, catastrophic compromise.

>>Ever heard the adage "Don't put all your eggs in one basket"?

I'm pretty sure the opposite is also true though, as in "don't split all your eggs among thousands of little baskets." I mean, at some point the overhead of managing all of those wallets must outweigh the risk of having everything in one wallet, right?

They should have written a check that runs periodically to check that the sum of all wallets equals their total BTC according to their ledgers. You have to write that process anyway, it shouldn't matter too much if it has to examine 100 wallets or 10,000 wallets.

I wouldn't want to be the guy tracing and debugging that process. Not saying it can't be done, but the extra complexity might do more harm than good

I am pretty sure the extra complexity would still outweigh the benefit of losing 500k bc at one time.

its easy to say that in hindsight :D

I imagine it was automated (with PHP!). I also imagine that it was a large part of the reason we're all in this thread.

I should invest in baskets.

When following the splits-in-2 of this transaction, many accounts still have about 1000 BTC in their final balance according to blockchain. E.g: 1BoGw97oS9L2mU8HTQqpm7yxC72H4LCm6i (Final Balance: 1,000.35 BTC). The question is: who may be the owner of those large amounts of of about 1000 btc? If MtGox did all those splits in 2 smaller accounts, then MtGox could still be the owner?

Good find!

How many of those did you trace? Can someone automate this trace?

Or if not, can we start listing all the addresses and the transaction chains to get there?

[Update] Here's a doc if anyone else wants to work on this manually: https://docs.google.com/spreadsheet/ccc?key=0AguUOoH79qm7dFl...

[Update] Forgot to make it editable. Now it is editable.

I can't trace these coins to 1BoGw97oS9L2mU8HTQqpm7yxC72H4LCm6i. Can you share how you did it?

You showed that account 1M1ZkWpHfuQthji2AVsGDvpfY2PrcXQar6 had about 430000 BTC and split coins in 2 other accounts and so on. I followed one of the splits and its subsequents:

14qKyR7b86JVHn5mfm6Dm3G756BgxhMqMP received 203002 BTC.

Then it sent 202658 BTC to 13JAudzPvKYyBtY9XpkhNW3YdDqBsi3c7Q.

Then it sent 108570 BTC to 144rbLnQmwH8MbB5iirSqvaPgXB9NMdcdb.

Then it sent 44505 BTC to 18pGH9G1FtpAkBt1zHTDuYXxPFMXqPG8PU.

Then it sent 23525 BTC to 13kfZQxVC6qi5pDSw56Fi3boTU7qMar8Nf.

Then it sent 23525 BTC to 14EKdT8ENWUY33Vyd7PN4TgLg6mnrwUt4T.

Then it sent 9576 BTC to 7jj6RTpzayiHDeFfCR5ihnDFccK997UNT.

Then it sent 5456 BTC to NRZTrVBQEcQ7EWgEdfUrs9xHjuwazdcuf.

Then it sent 2878 BTC to 2kSAA9HY11xwDi2QvmtZN1TYWuRdZb7Gx.

Then it sent 1241 BTC to 1GKUwZEzMoM92BVjVTNAwoSnUxeANhiawc.

Then it sent 509 BTC to 16hpTHQDWRTDkhgHw2T3RDneJM74XJXDoD.

Then it sent 473 BTC to 1KuNerYrrHiNR6bGgQesUiCyQt5u5qVBVQ.

Then it sent 473 BTC to 1Mu3EwLg85J3sV8No3RKLvwZPu2XZqEE63.

Then it sent 473 BTC to 1PgLdynDGFtsfpj6u442gokuLF1kZPCiRa.

Then it sent 376 BTC to 12yUfwW8DmgkZmAcAYsMzGWGw7LCmiQzXa.

Then it sent 375 BTC to 1CZHLDbrswW6ku8eHEDLLHC8Wr3RxowW3x.

Then it sent 354 BTC to 15robQvbP2Q1rZ9kMADnuv9f6tFhwkzz5z.

Then it sent 305 BTC to 1Jsdgh21hrbRuLuKeyvEGdkBauHiYXm7FN.

Then it sent 286 BTC to 1Q64Rx1tVCNeucdUGLkGdo1asiPHhPjoNW.

Then it sent 260 BTC to 1JWjfsk2tUAE83MtBjNEXP85ArxJuWoqg6.

Then it sent 260 BTC to 1JS9EAFzrjeFrLiPaK57mXeAZLwqHdEbPa.

Then it sent 256 BTC to 1421kfM6sbCXYsSZnvL6Dw1StXW2tbq4gZ.

Then it sent 247 BTC to 12eq3PnDcHLT2xpHevZMmFuVHymULjdoaj.

Then it sent 125 BTC to 12ZWoyaSwj53spGWGt9AtGCA28uLq58SCk.

Then it sent 125 BTC to 1Kf6KQd2oQA3yGPQDw8teCZVK7wj6C7ms7.

Then it sent 78 BTC to 1A3AsuYVsgdKNRDm7SGKkkHD9LQeuuipfe.

Then it sent 49 BTC to 1bu6ZBmksM5sRVEZspDKaXb5zTxZRuhrW.

Then it sent 49 BTC to 1J2HFUhF5xSnDXL3Zw3vCiEdv7eJi4EbM5.

Then it sent 156 BTC to 1JT6L2sT9z3QNitk4a2xiDEuwq3dksPYsb.

Then it sent 3730 BTC to 17C6oanWeXbehGZNL5fpUKsEQfMFya1pVD.

Then it sent 1000 BTC to 1MoUfk2Bow7n9B6ksreCbcyDzXdRTFMpC9 (this seems important address, received more than 117500 BTC).

Then it sent 998.99995 BTC to 1Ky8YXSXGensz2J8BYUprtLJvjcjNN3xbm.

Then it sent 999.99 BTC to 12wjEVECppk1rPBTQXyZ6m8zn4h91AzzSf.

Then it sent 1000 BTC to 1BoGw97oS9L2mU8HTQqpm7yxC72H4LCm6i, who still has 1000.35 BTC in its final balance.

Wow! Thanks. Did you just find that manually?

Having somewhere in the region of half a billion dollars in a single wallet would feel very dangerous to me, certainly.

Yeah, that worked out well.

"Coming together" is a bit difficult to determine -- how do you identify a large group of recipient addresses as a single entity? How do you differentiate between a group of addresses belonging to a single owner, and a group of addresses belonging to multiple owners?

We can construct a graph tree all destinations beginning from that one address, but what good would that be? Where do you make inferences to determine the identity of the recipients? How do you group them together?

At some point your trail becomes so long and so disparate that any effort to continue following that trail would be a pointless endeavor.

Sure the technology is there to follow the trail indefinitely, and (where available) you can easily check all recipient addresses from this "poisoned" tree against regular fiat exchange logs, but within the BTC ecosystem? It's an interesting intellectual challenge, but not useful.

Here is an example of something you might find:

Say you traced these coins to 50 different addresses. And then, for example, say that those addresses lay dormant for 3 months. And then 45 of those addresses send bitcoins somewhere on the same day. That would imply that the coins are under the control of a single owner.

I agree it is difficult and beyond the scope of just writing a simple script.

This seems like the best way to go about it. Use statistical analysis to find similarities between wallets involved in transactions stemming from the root. When you can give a qualitative "Here's where these coins are going", you can start to identify the culprit. Since there doesn't seem to be a legal framework to prosecute such theft anyway, I'd really just want to find them to congratulate them. Sorry to anybody who lost their coins :(

I was thinking about dumping the Blockchain into Splunk. Investigating the best way to do that today.

I don't know much about btc, but John Radcliffe has a nice command line blockchain parser/query tool: http://codesuppository.blogspot.com/2014/01/a-command-line-i...

Or maybe you find that all of these coins end up in addresses that have not been touched in 2 years. That would lend support to the theories that the cold wallet keys were lost.

I wonder, can this trace be automated?

It must be. Has anyone built a transaction tracer? Perhaps a visualizer using d3?

Assuming those transactions you describe constitute "the theft", how on earth could Gox not have noticed their wallets being emptied?

That's the 750k Bitcoin question.

Can anybody follow one of these "branches" until the very last known transaction on the blockchain? Would that clear anything up?

I haven't seen anyone do a comprehensive analysis yet. I assume someone is working on this. But maybe everyone else thinks that too.

Here is a some background information at Let's Talk Bitcoin:


If you were going to steal bitcoins in this manner you'd run them through a number of tumblers. Tumblers are essentially the laundering facility for bitcoins. Lots of coins from various locations come in, put into a pool, and then get sent back out. There's no way to track coins you receive back to a particular transaction. Since 6% of all bitcoins are stolen, more than likely anyone holding bitcoins has a good chance of holding some stolen ones.

Yeah, people have been trying all kinds of analysis on these addresses on r/bitcoin this week- So far the jury is out as to whether meaningful info can be gathered in this way.

Yeah, and I'm sure this line of thinking, will eventually route out the person who stole all those bitcoins -- and I won't be surprised it it's The top execs of Mt. Gox - - who better to take the money and run? They KNEW that they couldn't possibly sell bitcoins at higher than market prices, and make a profit UNLESS they were running a Ponzi scheme.


Is there an API available for doing this type of analysis of the blockchain (or a program already built for this)?

that's common practice to anonymize bitcoins. google 'bitcoin tumbling service'.

If any scenario that 'blacklists' some bitcoins is implemented (IMHO it won't, but if we're discussing it..), then any bitcoins 'tumbled together' with blacklisted bitcoins would be blacklisted as well.

Which would mean that either people would stop using tumbling services (since the process would turn 'good' bitcoins into 'tainted' bitcoins as soon as a single participant wanted to anonymize stolen BTC), or tumbling services would disallow tumbling any blacklisted bitcoins, or both.

So do you think that these 429k bitcoins were all sent through a tumbler? Now that would be interesting information.

Can we verify this? Obviously we can't trace the outputs, but can we look for patterns that suggest the use of tumblers/mixers?

well, that's the whole purpose of a tumbling service. i mean you don't even know how long they will be stuck there. i didn't investigate this, but splitting those into small amounts and then tumbling these around seems like exactly this pattern. if you are interested on how this was done in the maybe now second biggest known btc heist check http://www.newstatesman.com/future-proof/2013/12/theres-£60m...

To be honest, tumbling such large amount of BTC serves no purpose because you overflow the rest of the people tumbling.

Tumbling only works if you're a small fraction of the total. If you put $300 million into a tumbler that only has $1 million of other volume, then it's pretty easy to track you.

Sure, but you don't tumble it all at once. Other commenters showed that these BTC were split up into ~1000 BTC chunks. Each of those could send randomly to different tumblers and anonymize all of their activities to send to a new set of addresses which people aren't tracking, and then from there gradually pull it out of various exchanges to various banks and accounts.

Sure, but if you have access to $300 million and want to tumble $1 million, wouldn't it be hard to track you?

I suspect that the bitcoins have been exchanged for something else and are back circulating around. The beauty of the heist is that any bitcoin in circulation invariably passes through transactions where the parties have a compelling interest in not being attached to the transaction.

After finding a stolen bitcoin, unravelling its history back to the Mt. Gox Heist is likely to meet a wall of resistence - e.g. if it passed through Silk Road the parties on both sides will be reluctant to come forward and provide information.

In terms of a tort, is it civil or criminal? Was the loss of the coins by Mt. Gox simply an unsatisfactory business transaction? Supposing there was a theft, how should the bitcoins be valued? By the amount of storage space they consume, by the cost of the resources required to create them? If by some market price, which one - some average at the time of their creation, at the time of their loss, at the time of their recovery, or at the time of the prosecution? Many of those values are zero.

Finally, how many of Mt. Gox's customers are going to come forward and claim ownership if such claims are accompanied by a risk of being asked "And how came you to acquire these bitcoins?"

Unlike fiat currency, no government has an interest in supporting the agreed upon fiction that bitcoins are not a fiction. Stealing cash is a crime because the government has an interest in cash being an asset.

The problem with cryptocurrency is the proportion of black and grey market interests it attracts. With bitcoin, they were there first and good citizens second. Separating good citizens from their money was always going to be an attractive option, probably more attractive than separating participants in the black and grey markets from theirs given the greater potential for more serious reprisals which might accompany theft.

It's been over since the first Bitcoin story on NPR.

Some info here: http://www.reddit.com/r/Bitcoin/comments/1z37zw/mt_gox_has_a...

"MtGox still has at least 200k BTC"

Here are the possibilities, as far as I can tell:

1) That information is inaccurate.

2) MtGox lost their private keys.

3) The private keys were kept in a bank vault, which was seized by a foreign entity like the US government at some earlier time.

4) MtGox stole the coins.

The management of MtGox knows which of these is correct, but they probably aren't going to say.

5) they were stolen

Which is the same as 2) and 3).

No, could have been stolen through bugs in their software (e.g. transaction maleability), not directly from stealing the keys

that is #2

not exactly the same, one bad actor owning that amount of bitcoins would be scary: for example, this person could first trade otc one fraction after mixing, second talk with some entity that hates bitcoin (say jpmorgan) and tell them that you can sell the rest in the open market (on every big exchange) sending the price to 0 (literally), get profits and powerful new friends from doing this.

The situation doesn't looks good.

With the possibility of getting down voted into oblivion.

The BTC lost/stolen are all available within blockchain/public ledger. Depending on who stole them, it would probably be distributed within multiple very smaller transaction.

It my be traceable, but likely unrecoverable, because this is a feature of Bitcoin. In other words authorities and forensic enthusiasts can find the BTC but they are most likely lost at the same time.

This is the issue. It can become a never-ending wild-goose chase. The thieves can continue to move the funds around until they're no longer tracked, or far enough ahead that from the trackers (assuming there's any enforcement or penalties or laws relating to accepting stolen Bitcoin - which there aren't currently) or just spend them if they're not being tracked or if there's no enforcement in place.

The thieves will move funds around at little cost in order to try to gain the value from the Bitcoin they stole.

The problem with Bitcoin is that because there's no fee associated with them, there's no money or resources being made available or directed towards policing and following of these thieves.

Edit: And it's not particularly fair to use the rest of society's resources to do this policing, when they're not contributing to the system - they're avoiding contributing, to a partially corrupt and currently inefficient system, yes - but it'd be better to fix these inefficiencies and deal with the corruption.

Eventually all addresses will contain coin from all other addresses, if they are spent. It's the Kevin Bacon rating for currency.

In the short term, referencing Blockchain transaction over a given period of time, a destination address could be assigned a lower karma value for having a relationship with a bad actor address. The karma could be measured in amounts taken from other bad karma addresses.

While your wallet may contain trace amounts of bad karma money, it eventually gets diluted over time. Maybe we could utilize a days destroyed karma as well.

"Bad coin" diluted into legitimate users just means the people who were thieves got away with spending the money. That's bad.

> The problem with Bitcoin is that because there's no fee associated with them, there's no money or resources being made available or directed towards policing and following of these thieves.

How do you know that? Given the amount that was stolen, I would be very surprised if some victims are not employing considerable resources to find the thieves. Also given the amount, many layers and private investigators are probably willing to do speculative work on commission. It would just be silly for them to advertise such efforts.

The relevant amount lost is the amount lost by the person who is hiring said lawyer/private investigator, not the overall amount.

Wouldn't, in this high profile clustereff, somehow tracking down those bitcoins cause bitcoin in general more harm than good? Would it not highlight that one way or another, either by fault of bitcoin or human error, that like Tor it is not bulletproof in terms of anonymity and susceptibility to being taken back from someone, whether that someone is a good or bad guy?

Taken back? Finding a person is one thing - you need a lot of resources to track a person down - then trying to find where they may have hidden the keys needed to use the Bitcoin is another. People who have stolen millions of real dollars are still able to just hide the cash or money in off-shore accounts. Similar problems exist, though it doesn't start off anonymously. It's not really good or bad, it just is. We need to manage for best case scenario, and structure systems to provide best case scenarios. Controlled or rather fully-manageable ecosystems are the best, though they have the ability to be badly managed and through political lobbying, etc. cause a whole series of problems in a society.

To be clear, Bitcoin is not supposed to be anonymous. The centerpiece of its design is a publicly view-able log of every transaction ever made.

Let's say there are 2 categories of addresses involved with these coins; addresses that have been sufficiently analyzed (so you don't care anymore about tracking them) and addresses that have not been sufficiently analyzed.

Following the second category is roughly instantaneous, it's all on the block chain. So in some ways, the chase gets easier over time.

It would be helpful to know the costs of tracking these transactions, and how they may grow or be maintained over time.

From what I understand, tracing them is also hard because (generally) there isn't any annotation on the blockchain to indicate who actually had them or what they were used for. So its hard to tell what point is just another place they laundered them, or someone who just got them in a transactions and then reused them elsewhere.

Let's assume eventually they will be 'spent' somewhere- its going to be damn near impossible to track them down unless they transfer all of them into a single wallet with their name/address in the comment.

I wouldn't be that pessismistic.

If people manage to identify people behind the blockchains, I strongly suppose that law enforcements, depending on countries where the theift physically is, can force the thieft to give it back without any modifications to existing laws.

I think we can catch him when he is going to want to laundry his bitcoins.

Expect Reddit and 4Chan to spend weeks tracking the wrong transactions and the finally identifying a poor sap whose only fault was once buying coins from mtgox years ago. Which is not much different than being audited by the irs...

At least Reddit and 4Chan can't haul you off to prison nor freeze your bank accounts.

I think I'd rather be hauled off to prison than be the target of such ire.

Lol.. you've clearly never been to jail, much less prison.

I'm a middle class male.

If 4chan gets pissed off at me, my available recourse involves scouring all data traces I've made across the Internet and then hoping I did it fast enough before the pain train begins. At best, I could post some kind of apology or concession and pray they lose interest.

If the government wanted to put me in jail, my available recourse starts with a reasonably well documented legal system interested in fairly representing and judging me and extends all the way to, well... asking 4chan for help.

Maybe if I were black or female or gay, I'd prefer 4chan's treatment, but only maybe.

I'd say that the best recourse to a 4chan character assassination is to simply stop using the reddit/facebook/4chan for a week or two.

I think you're imagining that 4chan would stop with my internet presence. That's not historically true.

You've clearly never been on the receiving end of 4Chan.

Don't bitcoin tumbling services pretty much make it logistically impossible to follow the path of bitcoins if they cycle it enough? Also I wouldn't rely on the governments to do much to return people's investments in a currency they already distrust. In fact, considering the historic and contemporary roles the US and the IMF have had in deliberately destabilising and undermining international economies/currencies, you'd be naive to remove first world governments from the list of suspects. The incentive is even higher for them than normal thieves -- not only do they already have an established system for laundering stolen money, but they don't even need to remove the money to profit, they just need to steal it and render it inaccessible. The credibility of Bitcoin as an extranational, anonymous currency has been dealt a serious blow and, if you consider bitcoin a threat to the current institutions, then that has a value far greater than the few hundred million that they'd wind up with in pocket. I'm not throwing around any conspiracy theories here because there's no evidence for it so far, but I don't think there's anyone foolish enough to pretend that the US/UK/etc governments haven't already been in this ethical sphere of operations for decades. The first question was whether they have the werewithall to operate on this level technologically (confirmed by Snowden), and the second is whether they consider bitcoin a threat.

>I don't think there's anyone foolish enough to pretend that the US/UK/etc governments haven't already been in this ethical sphere of operations for decades.

You underestimate fools.

Actually, I was being optimistic.

I wanted to add the possibility of law enforcement from various countries tracing the alleged perpetrators. This is actually the most worrisome scenario, because a large portion of this would be unrecoverable from the law enforcement, due to the immense confusion stemming from authorities not knowing who has jurisdiction and the laws surrounding crypto-currencies.

This might be an acceptable situation for the customers but would be bad for the customers as over 6% of BTC would be almost permanently removed from circulation.

The community really needs to choose one of two messages:

a) Bitcoin is pseudonymous enough that you can safely buy drugs with it

b) Large thefts of bitcoin can be traced; it's not pseudonymous enough for massive frauds

Those two messages are not incompatible. It could be pseudonymous enough to buy drugs with it safely because the resources required to actually unravel identities is so much greater than the value of catching the drug purchaser (this assumes there is any value of catching the purchaser over the seller for purposes of argument).

At the same time, the value of solving large thefts like this makes expending substantial resources to solve it much more reasonable.

It's like stealing someone's iPhone with a ski mask on while a camera catches you vs. robbing a bank with a ski mask on with a camera catching you. Both thefts begin with the same amount of evidence, but the latter is infinitely more likely to have resources devoted to it.

So far, the Silk Road busts have nothing to do with Bitcoin. Everyone should assume that all BTC transactions are trivially traced, forever. Just make sure you aren't tying any identity you care about to dangerous transactions. That's the only (and of course difficult) trick.

If a drug buyer in a BTC transaction got the coins anonymously (say, sent a self-destructing robot to drop off cash in exchange for BTC), then that part is fine. They can go use those coins anonymously. If they ship drugs to their house, well... that alone sort of undoes it all.

The drug sellers that were caught from Silk Road were caught due to things like making a huge amount of trips to post offices, getting the attention of postal workers. That may be a parallel construction, but it seems legitimate enough. Buy drugs from large seller, look at the postmarks for patterns. Then go gumshoeing around and wait 'til you see the same car or people going to the same post offices over and over and over. You can probably pull this attack off without even having government capabilities.

But tracing bitcoins through the blockchain is largely a computational problem. Compute only gets cheaper. Identifying a robber in a ski mask is in a different problem domain.

I had never really thought about the consequences of a public blockchain and the decreasing cost of analyzing that blockchain.

I seem to recall a news story about how people who spied against US in the 40's and 50's were caught later in the 70's and 80's because the intercepted cipher texts had been kept for decades until technology was able to break and decrypt them. Looking at the blockchain reminds me of that feat. Of course, that could have also been a poorly written thriller I'm remembering instead...

The "value" to prosecutors of catching a drug seller could be considerable, especially if they're selling a lot.

Those two options are not mutually exclusive.

If you use it correctly, then bitcoin itself is anonymous.

.. which would imply that fraud was untraceable?

It would not imply that.

So, if I am induced into sending bitcoins into an address, and subsequently find out that I'm defrauded (e.g., if I were a gox customer), can I trace the fraudster?

i thought the leak had been happening for years? wouldn't they already be laundered?

and hasn't this happened already? someone did steal coins and was tracked for a while. how did that work out?


Really paranoid thieves could choose to lose a large number of the keys, making the chances good that investigations will run into dead ends. But al most no one is that paranoid. They'll just keep moving the bitcoins around.

Why doesn't Mt. Gox just publish the ID of the wallet(s) from which they were stolen?

1. They weren't stolen - lost in cold storage harddisk failure for example

2. Revealing it would show something extremely embarrassing - they only used a single wallet?

3. They still have them - yay?

4. They were stolen by Mt. Gox - gulp

MtGox may just have larger problems right now and can't get around to the actuarial work involved.

Though I agree a cold storage failure is still a good possibility, given the poor communication.

2a. Revealing it would show that although they did not commit the current theft, they have been running another unrelated scheme.

Can anything they say or do be trusted at this point? I mean regardless of exactly how it happened weather it was theft, insider theft, incompetence, or blackmail Gox is not a party worthy of implicit trust any longer.

"The Lost BitCoins of Mt Gox" sounds like a good Scooby Doo episode. Or Hardy Boys?

Velma yanks off mask.

Daphne gasps

"Mr. Karpeles!"

Fred: "Mark Karpeles was the thief all along!"

Karpeles: "And I would have gotten away with it, too, if it hadn't been for you meddling kids!"

Velma didn't even say Jinkies yet :(

haha :-) upvoting this.

Sherlock Holmes novel.

Here s an idea..

Feds sized silk road and the Bitcoin wallets

If any was stored or transacted at MTGox this might be some of the amount of losses MTGOX is now showing but NOT ALL OF The lOSSeS obviously

Bingo. The Feds seized their cold wallet somehow.

Mark has said repeatedly that Mt. Gox is under investigation and that he can't talk about it. There's a supposed IRC log from two days ago where he let it slip that he's under a gag order, saying two days ago "le gouv US ne veut pas qu'on disclose" (the US gov. doesn't want us to say anything)[0]. And he's said in public that he can't discuss the matter since he's under investigation.

So my guess is that the feds have seized his cold wallet as part of the Silk Road investigation, or even as part of the case against Mt. Gox itself, which was probably in a safety deposit box. They've already seized 5 million USD last year from Gox, why wouldn't they go after the Bitcoins, too?

And yes, the seized Bitcoins would not equal the number owed, but my guess is that they're the majority of them, say 80%.

If that's the case, account holders would have to petition the USD to prove they're not drug dealers and or tax evaders to get their money back.

This is an unusually silly conspiracy theory.

I find it extremely unlikely that MtGox would falsely claim that they suffered a theft due to transaction malleability (a real point of possible error) if the actual issue was a US Government seizure. It just strikes me as utterly unbelievable that they would actively cover up (rather than simply failing to disclose) a government seizure.

It's far, far more likely that Karpales is either grossly incompetent or a thief than it is that he's making up complicated stories to cover up a government action.

You can't disclose if you are under a gag order. If Mark was running a fractional reserve because the coins were seized, and they got hit with the transaction mailability issue, that could set the stage for what we're seeing today.

I agree Occam's Razor applies here. That said, we still don't know a lot about what happened.

Would a gag order from a US court apply to a Frenchman in Japan?

In theory, or in reality? There could be explicit, implied, or even naively assumed 'underhanded compliance encouragement' going on.

I wouldn't put my money on explicit, but if it was, it wouldn't be the first time.

I like that. "Prove you're not a drug dealer and we'll see if there's still money to return." It kind of gives the middle fingers to 3 somewhat-important US rights: the right to not self-incriminate (being coerced into providing new evidence that might be used against you), being considered innocent until proven guilty (assets seized without an active case against you), and that everyone is equal under the law (unless we say you're a drug dealer (or, going back 60 years, black)).

There would be precedent, in the form of cash seizure "civil forfeiture" proceedings at both the State and Federal level:


Asset forfeiture is, and always has been, a clear violation of the rule of law. (A suspect is innocent until proven guilty). Precedent or no.

"There's a supposed IRC log from two days ago where he let it slip that he's under a gag order"

It isn't supposed you can go read the IRC transcript. He said no such thing. What did happen is, in response to the question of what would he like to tell everyone who is waiting for news he replied with a link to a image with a Batman quote about failure. The image happened to be hosted on an image sharing site called 9gag.com. People think that was his secret way of signaling that since the word "gag" was in the website's URL. It is a total ridiculous conspiracy theory to think that he is under some kind of gag order that is preventing him from telling the truth about what happened to the coins.

fyi. A US gagging order has no legal power over a Frenchman in Japan.

It wouldn't even have to be a judicial order. The FBI or Treasury Department agent could just tell him something like "keep quiet about this or you're looking at 10 years in a federal prison". This is how prosecutors work here in the U.S., and Mark is under investigation by the U.S. government.

I don't believe this is right, but this is the reality.

I can't believe people think this is some kind of conspiracy theory. Mt. Gox has already had 5 million confiscated by the U.S., last year: http://techcrunch.com/2013/08/23/feds-seize-another-2-1-mill...

Why is it so unlikely that they seized more money, probably in the form of paper wallets from a safety deposit box? Japan law enforcement works closely with the U.S.

But here's what they really wanted from Mark, and I wonder if they got them: all the Mt. Gox account records, including IP logs and bank account numbers.

He should have shut down the exchange the second that happened; keeping it open is fraud.

"get their money back"


You can't really seize bitcoin. you can think you have. The only thing you need is a private key so if you store this in a encrypted file like you can with wallet.dat you can seize this file.

mean while you can have already split your key into parts and give them to trusted people. setup a dead man switch to email those people to talk and recombine private key, import into wallet and withdrawal funds.

this would have worked beautiful in silkroads case because the private was encrypted.

There's a lengthy post in /r/BitcoinMarkets about it:


This is another possibility people are overlook, that perhaps they never had them. Perhaps they simply built up a liability of 800k bitcoins by trading on their own exchange and making some bad calls.

If I had to venture a guess, I'd bet that not even Mark Karpeles knows what happened to the money.

Whilst the numbers quoted in US dollar terms are quite staggering, I would be interested to know what the actual losses are based on the initial investment dollar amount.

I'm guessing many of these coins were mined or bought before the astronomical price rises.

Of course I understand that that is irrelevant to people who have perceived millions of USD, but interesting nevertheless.

This is an interesting point. This value is all speculative until the it's resolved by conversion to another currency. The entirety of my LTC holdings are from mining coins, trading out to USD before it dropped, then 'buying' in again. I ended up with around five hundred bucks worth, mostly due to just smart trading, costing me nothing.

The value has recently dropped, and I'm sad that I didn't cash out before, but I didn't actually lose anything. I'm still up the entire value of my portfolio, I'm just not up as much as I was before (and could have cashed out at).

I do feel bad for the people who bought in and then lost it all.

Any truth to the claims made on this website?


"The Pony botnet attack was an ambitious data collection program. TrustWave reported staggering data loss statistics from the event the following sensitive information was stolen.

1,580,000 website login credentials 320,000 email account credentials 41,000 FTP account credentials 3,000 Remote Desktop credentials 3,000 Secure Shell account credentials Pony’s attack on the Bitcoin community took down the worlds largest Bitcoin exchange, and caused the price of Bitcoin to plummet. The attack reinforced security concerns over the currency. Can confidence in Bitcoin recover?"

"In the blockchain".

Assuming they weren't lost because someone forgot a password, all of the BTC lost / stolen in transaction malleability are traceable. Whether or not its feasible to check every transaction from Gox over the last few years and add up all the partial BTC is something I can't comment on.

there are top men working on this very thing.

Here's what I would do if I stole 750k Bitcoins.

1. Split the wallet up into as many wallets as possible. Preferably by transferring them through a couple hundred compromised (but not emptied) accounts.

2. Sell each individual wallet of say, 100-1000 BTC, on the black market. Make sure the transaction happens outside the transaction chain (i.e. either in real life or using other wallets with some kind of alternative trust system).

3. Be prepared to lose 5-20% of the value, in exchange for turning the money "white".

If the money was stolen and the people who took it aren't stupid, I don't see how someone is ever going to find it.

Of course, the more wallets you create and sell, the higher the probability that at least one of their buyers is stupid.

So if the bitcoins are seized by some government entity....wouldn't that make the total value of bitcoin go up? Supply and demand and all that...

Again, I know very, very little about bitcoin or economics in general.

Bitcoins have no intrinsic value. They only have value in trade.

If I started my own currency called a superdollar, and I had the only superdollar in existence, it would be worthless, despite the fact that it was very rare.

If a foreign entity can make the bitcoins you have disappear, that leads to less confidence in your ability to use the bitcoins for trade. The fact that there's fewer out there doesn't mean yours are more valuable. The number of bitcoins has been constantly increasing, yet the price has been going steadily up as well. That's because they've become more trusted, more usable. More places will accept them in trade, and more exchanges exist.

When places like Mt. Gox fail, or fear that foreign entities have the ability to essentially rob the banks with impunity, it makes the currency less trusted.

Consider this. The government issues a currency called digibux. They are matched to the USD, you can buy one digibuck for 1 USD, but they are limited in volume, only so many are offered. Looking at this naively, digibux has the same value as USD. Now consider the following happens, the government takes down a giant drug operation, and invalidates all of the digibux that were involved in the operation. A friend of yours who was a pizza delivery guy has hundreds of dollars removed from his digital wallet because they were tips from people who had participated in the drug trade.

Now you're sitting with 10,000 digibux, and you know that the government is pleased with the results of the previous sting and wants to set up more operations like that. Someone offers you 8,000 USD for your 10,000 digibux. You know that the 8,000 USD can never just vanish.

The number of digibux in circulation went down. But did that make the total value of digibux go up?

That's an excellent explanation and I appreciate it. I'm sure you've simplified some, but it makes sense to me.

> So if the bitcoins are seized by some government entity....wouldn't that make the total value of bitcoin go up? Supply and demand and all that...

You are only considering the supply side and assuming that the government seizing bitcoins from one of the major exchanges (and, subsequently, collapsing the exchange) doesn't impact the perceived viability of the bitcoin ecosystem (since, presumably, the same thing could happen elsewhere) and reduce the demand for bitcoins as well as the supply.

Also, it further assumes, on the supply side, that the government simply throws the coins in, effectively, a digital landfill -- otherwise, the fact that they were forcibly transferred from the exchange to the government doesn't actually have any effect on supply.

That's something I've always wondered about. When the DEA or seizes, say, a million dollars in cash from a drug dealer...where does it go? I assume the bulk of it goes into the pocket of someone. But where does the officially seized money go? Do they destroy it? Similarly, what would they do with 25,000 BTC? And could they even document it properly?

Depending on whether people viewed the seizure as permanent or not, it would reduce the number of available bitcoins and, theoretically, cause a price increase. However, that assumes the volume of bitcoins demanded didn't also go down, which would most likely also happen since a large-scale seizure would reduce confidence in bitcoin and cause fewer people to use them (and many people holding them to try to sell them for traditional currency).

An interesting idea, but it assumes that the demand doesn't change after a government seized a large number of BTC.

Yes and no in my opinion. Because while the total supply goes down, some confidence is also lost (at least short term).

There have been hints that MtGox's losses were due exploitation of the transaction malleability issue.

I don't know if it's possible to identify (from the blockchain) transactions that have been altered in a way that exploits the malleability issue but it should certainly be possible to identify pairs of transactions with identical startpoints, endpoints and sizes (i.e. number of bitcoins).

If it turned out that pairs of such transactions turned out to come from MtGox's wallets to third-party wallets, that would probably be a good starting point.

I would be surprised if that was simply a ploy by Mt. Gox to deflect blame from their own ineptitude.

So what happens next?

-The government has no inclination to interfere (even though many US citizens lost their money) as they were against it (if not outright criminalizing it).

- The lost money, even if recovered in full, would not be the same. The time lost is money lost. Besides the emotional shock and pain people had to take.

- Someone somewhere is sitting on that money, and it will have value, because people won't stop trading Bitcoin even now.

I know people are not ready to take any criticism of bitcoin, but here it is, what needs to be fixed about it.

Since the story seems to be that this has been going on for years without anyone investigating, I'd guess that most of them are long since laundered and distributed between various innocent bystanders. Even if we could trace every single uBTC to it's current location, the percentage actually held by those responsible has got to be very small.

Somewhere in the blockchain, probably divided into smaller chunks. The way Bitcoin is set up, you can follow transactions, but it's very hard to track buyers/sellers. It's a paradox: Bitcoin's strength is that it's untraceable and unregulated, but in cases like this those exact strengths are pitfalls at the same time.

That is not a paradox at all. Bitcoin as a system is performing exactly as designed here (barring possible wibbly wobbly "malleability" bugs).

Wouldn't the sheer number of coins involved make tumbling services almost useless. What is the volume that a single tumbler gets per day? If you put in tens of thousands of coins, and there are only a few dozen coins in the Tumblr that day, your coins are going to be most of what comes back.

> Wouldn't the sheer number of coins involved make tumbling services almost useless.

Sure, if they were all stolen and tumbled at once. The descriptions of a cold storage "leak" suggest that if the loss was due to theft, it was a gradual over an extended period.

They are most likely being held by the U.S. Government.


Instead of a blacklist which is tantamount to centralized regulation, there can be a concerted effort by the community to publicly shame people using these coins, or tumblers, merchants, services, etc. which accept them.

Wouldn't it be funny if the lost bitcoins---were all the result of someone forgetting where they put the key? So not stolen, just literally lost? Talk about a major 'oops' moment.

Crypto currency news @ http://cryptocurrencylive.com/newest

"Lost" is such a harsh word. They are still here, in the blockchain.

Things like these are bound to fall. People should have predicted this risk.

I have to go with the following answer: in someone's pocket.

A pocket of someone who had means, opportunity, and motive? Hmmm...

If you're thinking Mark Karpeles, he doesn't really have motive as he's likely going to go to jail.

However, an employee or contractor at mtgox who figured he could cover his tracks could have stolen them

That's my thought as all of it sounds really shady.. time will tell.

To reply to a recurring line of thought, Bitcoins are not atomic entities with serial numbers like dollar bills. You can't say "Bitcoin #AE472b was stolen" and then trace it through its life, or blacklist it.

Instead Bitcoin is a ledger that details wallets and accounts. The origin of balances came from mining, and then people made transactions that, on the official ledger, transferred some or all of those amounts to other wallets. And on, and on, and on.

Hypothetically, if the community were foolhardy enough to trust someone's list of "recipients of mislaid money" wallet ids, you could blacklist those wallets, or even, through group agreement, force transfers back. But that's where tumblers come in: Tumblers are group wallets that take transactions in from all sorts, and then distribute them anonymously to new wallets you control (after a service fee, of course). Anyone hiding their tracks will of course have used a tumbler, often anonymously run on the Tor network. Do you blacklist or reclaim from every wallet that took an output from a tumbler?

Bitcoin would be toast. Tumblers are something that legitimate users of the currency make use of. You won't get the cooperation of tumbler operators because they are themselves engaged in a very serious crime.

So the trace-ability claim repeatedly being made just doesn't hold when you have legitimate and illegitimate transactions by the millions all intermixed. When bitcoins are transferred...game over. Give up on that thought.

Right, exactly. It just seems hopeless to try to figure out "where they are". They're drops of water in the ocean.

In this particular case, are tumblers viable? If I understand rightly, the stolen coins here are a significant percentage of the amount of bitcoins outstanding.

Supposedly this looting went on for years, death by a thousand transfers. It will have dissolved into the sea by now.

Does it matter?

Edit: Not "does it matter that they are lost", but rather "since they are lost, does it matter where they are".

There are already reports of two suicides related to the Mt.Gox fiasco, so yes, it does matter.


Well, yes, to a lot of people - both those who lost money in the affair (some people vast amounts), and also to anyone interested in following the development of BTC - if this was theft, how can we prevent repeat incidents to reassure potential Bitcoin buyers; if it was a failure in the technology, what can we do to repair that to make Bitcoin more secure, or if there was some government or official organisations involved, why did they interfere and what're they up to?

Too glib I suppose, I just meant that if the coins are "out there" they're not actually recoverable, are they? If a bunch of sand falls out of my hand on the beach, those grains didn't disappear but I'm never getting them back again. Then there's the very real question of whether it actually is theft. I would argue no, in the sense that downloading a song isn't theft.

You play in dirt, you get dirty. You want an unregulated purely digital currency with irrevocable transactions, you know it's going to sting if you lose some of it.

What if Satoshi Nakamoto stole them?

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact