Thanks for tallying that. It won't help users who were tragically harmed, but it's reassuring to see that only a small number still held large balances at gox, and hopefully most of them were also diversified into other investments or exchanges as well.

The site's mismanager claimed (in IRC as usual) that he kept all his own btcs on it. While few of us would ever believe that, it would account for many of the largest accounts, further reducing the apparent damage to customers.

Currently, the URL you posted appears to return a plain 42MB text file with a columnar text report showing user identifiers, balances, withdrawal limits, etc. It currently seems safe to retrieve with a tool such as wget and to view with a simple plain text viewer.

Chances are the data is valid and the person posting it is providing a useful service.

However, don't let anyone categorically tell you a site or page is safe, unless they're in control of it and you trust them (and you believe it won't be hacked by the time you retrieve it).

Reason: sites can be programmed to return different data to different users.

Example: On linux, using wget (a file retrieval tool) with its default user agent string (not pretending to be using something else), I seem to be getting an ordinary text file (based on a quick view of the beginning, end, and some random points along the file). But a user on another OS, or using an actual web browser (or anyone tomorrow, or maybe just every 17th user) could be sent an entirely different file which could have an exploit. It's also possible this 42MB file could have embedded data which might attack a particular word processor should you try to open it in one.

So: always best to use a computer (or virtual computer) you don't use for financial transactions, and/or to use the simplest tools possible to do the job.

No bots?

I would argue for exactly the opposite: An exchange with built-in automatic trading capabilities so that all users have the option to preprogram their responses to the market as easily as possible.

Consider:

It is very difficult & time consuming to trade bitcoin optimally without assistants who watch & react to the market for you 24/7. Automation lets you more perfectly execute your trading plan.

There seems no way for an exchange to completely prohibit bots, because software can interact with a web page just as any ordinary user can. (A bot can parse the HTML or screen-scrape the web browser. Also, you need to provide APIs if you want to let users use external trading platforms such as Metatrader, Zeroblock, BitcoinCharts Pro, etc.)

The most you can do is minimize bots and prohibit high-speed trading. An exchange would have to place restrictions on all traders, by limiting the number of trades which can occur in a certain amount of time, or (annoyingly) by requiring completion of a captcha every so many trades. (But captchas can be bypassed in real time at low cost via services using software and human workers to solve them. They would mainly annoy your regular customers.)

Worst of all, eliminating automated trading would tend to make your exchange much less popular: spreads would be much larger, volume would be reduced, arbitrage would have longer lags, and there would be less "action." There would still be arbitrage going on, however: your price would generally follow that of any other exchange, just not moment to moment. So you could not simply isolate your exchange from all the others which are influenced by bots.


(Regardless, we should only support exchange designs where users retain most or all control over their assets and how they will be traded. GIven that, you can't tell users not to use algorithmic trading, but you can make it available to all users.)

I was charmed as soon as I read a few paragraphs about the Bitcoin project. I had a thirst for exactly this ever since DigiCash folded in the late 1990s. Efficient digital cash was ideal to achieve proof-of-concept for a project I began in 2007.


Thing is, Chaum's DigiCash was actually working too. There was a period of time when Mark Twain Bank (and one more?) were issuing coins in exchange for fiat. If you think about it, that was an amazing achievement: Chaum was able to get a European bank to issue fully anonymous currency tokens! (A sender could voluntarily prove they had sent funds from their software "coin purse," to combat extortion, but no one including the bank could otherwise track what was being done with the money.)

Then it collapsed. (That may have been due, I read at the time, to Chaum's excessive demands regarding licensing his technology, a problem bitcoin entirely solved through the open-source release/premine combination. Chaum seemed greedy; however he was so far ahead that his licensees probably couldn't conceive of the immense value of what he was offering them.)

This man is an exact clone of Satoshi Nakamoto.

To protect himself, Satoshi made many copies, all different ages, and planted them around the world. Without secret technology, there is no feasible way to extract private keys from any of them.

The legend continues...

At first this seems like a worrisome topic with no solution.

Expenses paid to secure the network, if unnecessary and unchecked, could raise bitcoin fees enough to let other currency designs overtake it.

However:

What happens long-term? Does the incentive for ever more mining gear wind up consuming all available electricity and all possible ASIC/quantum computing resources ?

Optimistically I think not.  Again, long-term:

> New clean energy sources (LENR, space-based solar, fusion, etc.) are likely to come on line, drastically cutting the cost of energy and the pollution load.

> Mining (if not redesigned) becomes ever more concentrated in several pools.

> Bitcoin price should eventually start to plateau, while mining rewards decrease. This raises the barrier to entry for new miners. No longer would mined coins increase in value so drastically: it may become permanently more cost effective to purchase coins than equipment.

> At that point, the remaining pools lose their incentive to keep growing. Art Forz (of GPU & FPRG mining fame) once commented (on IRC) that he discovered trying to control more than about 1/3 of the network leads to a situation in which one is essentially competing against oneself (diminishing returns are realized for additional investment).

By the way, what do you think of the proposed Gox brand for a bitcoin wallet, Bitpocket?

That name may be the single most ridiculous plan listed in the document being circulated. Perhaps it doesn't suggest pickpocket in Japanese.

No, c_r is saying they might have intentionally sold fictitious coins to customers -- in other words, a fractional bitcoin depository. Many users (such as traders) left a lot of real coins on the exchange for long periods, so there was always a sizeable reserve gox could draw against to fill withdrawal requests.

Gox could have injected their own trades into the order book (violating their written promise to never take either side of any trade). They would then pocket the real fiat that had been deposited, and update the "coin" buyers' accounts to show bitcoins which were not actually on deposit. An extensive review of the blockchain (with access to company records) could probably tell whether they actually received all coins that were "held" by accounts.


A simple way would be to create regular trading accounts, held by them, that were credited at some point with fake bitcoin balances ... then using those accounts to trade fake coins for customers' fiat, perhaps via Tor or a VPN. With over a million customers in the database, this might be easy to hide even from any forthcoming auditors. Especially if the software & accounting was as disorganized as it seems.

At least one employee/contractor would realize many "coins" in the system were never in the wallets. That person would have been motivated to hide the imbalance by adjusting the internal bookkeeping software. That takes one line of code (or a handful to obfuscate it well). People later taking over the company could find the discrepancy, though.


So far we have no evidence this happened, and the claim instead is that many coins that were in wallets no longer are.

It does seem an easy theft for any current exchange to do -- except the decentralized ones which are just getting started. Future exchanges can be designed (using multisignature transactions) to give customers full control over their coins and the ability to track them at all times.

Good, but please let's remember that the actual solution will be "Phase 3," which can't arrive too soon:  software & services using practical multisignature transactions, and also high-volume decentralized exchanges.

As long as we're in Phase 2 (competent, professional people/operations HANDLING massive amounts of customer funds) the true promise of cryptocurrencies is still unrealized, and massive losses/thefts/freezes can still occur.

"Phase 3" companies, however, can arise to provide rich capabilities for bitcoin storage & exchange, BUT would be unable to abscond with significant funds because users could choose to retain full control of their transactions. Bulletproof multisignature capabilities can make that possible.

But, commonly overlooked, further down he weakens his stance:


Direct permalink: http://www.reddit.com/r/Bitcoin/comments/1yre42/mt_gox_ceo_resigns_from_bitcoin_foundation/cfn529y


What we have overall is an expression of optimism but not conviction.

Usually fees are deducted from a sender's remaining balance, not from the transferred amount.

If you start with 10btc in wallet X and send 1btc to wallet Y with a .0001 fee, wallet X typically winds up with 8.9999. Wallet Y, your payee, should receive a full bitcoin.

Otherwise, users would needlessly have to make an extra trivial calculation for every transaction.


I thought this thread would be about the recent revelation that bitcoin inputs can be completely destroyed by miners who choose not to accept fees. Apparently those inputs can never again be used, even with access to the private keys. (Seems plausible but I have not verified the claim.) This is different from sending to a made-up address for which no known private key exists: in that case, the balance remains permanently accounted for on the blockchain.

Earlier comments notwithstanding, changing old software can be extremely challenging and time consuming -- and judging from the very minimal history of improvements at gox, they're not particularly adept at redesign (typical for a company which once enjoyed an unassailable position as market leader).

I can only imagine what it feels like for them right now. Endless complaints and accusations from masses of desperate customers unfamiliar with bitcoin's market cycles. Daily inquiries from media. A large backlog of mangled blockchain transactions and the resulting accounting mess. Worries over "investigations" & lawsuits. Fear of making things any worse.

Anyone surrounded by all that noise could well need isolation or a mini-vacation to clear the mind, to become capable of progressing in any useful direction.

We know there was a real technical issue involving distribution of bitcoins. I discount suggestions that they manufactured the crisis. Gox has always been terribly slow to update their platform, which made them vulnerable and makes repairs harder now.

Unless the intense pressure itself forces some sort of collapse, I expect to see their customers begin receiving limited quantities of bitcoins in the weeks ahead. Then the clamoring will begin to open the floodgates and we may get a clearer feel of whether unsurvivable losses of btc occurred.

The first large reactionary price drop occurred on various markets approximately when gox's office relocation was first announced. This was not seen as widely or as quickly as the later "no withdrawals yet" announcement because it was placed only on gox's support page (not the home page).

The 'big dump' you are referring to may have been the first drop I noticed, or more likely a later reaction in between. (IIRC, the two announcements were spaced much further apart than the 30-60 minute gap you mentioned.)

The lack of the usual reassurance that "Bitcoins have not been lost and clients' funds are safe" (even after Bitstamp made such a statement) implies some large losses and suggests they are focused on protecting themselves from provable allegations of fraud.

Still, for the longest time, Gox has specialized in impressively minimal customer communication.


Unless perhaps people at the company are being threatened by angry customers?


Most likely. (I was also concerned with random notebook computers that may now be on the move.)

Offsite servers are at risk of inspection/manipulation by the hosting company's employees -- people who have been becoming ever more aware of how lucrative bitcoin theft could be for them.

Bring on the decentralized exchanges!

An excellent post.

Your last sentence may need reversal. Running a large bitcoin exchange out of a well known location without much security was an enormous, unacceptable risk. What they are now doing to physically isolate themselves more from the general public can be seen as long overdue.

If they were smart/savvy they would couple this with a large increase in online contact with their client base, to compensate where it matters most. Instead, they actually announced the "relocation" before trying to announce & explain the latest withdrawal delays. Yet another bungled PR event.

Well, they're consistent. Gox is an "exciting" stimulus for the market and in that one regard they outshine most, perturbing the market to bring on spectacular highs & lows.

What I wonder is: where are their servers? Who monitors those? Do they even encrypt everything on all their hardware when they carry it from location to location, and when they sleep?

I hope so, but if not, an even more "spectacular" future may await...

Exactly. The author is rejecting bitcoin on the assumption that society cannot adjust to changes, reasoning which is historically ludicrous.


Of course, the author is also saying a growing economy would be mismatched with a shrinking (deflationary) currency supply.

For traditional central banking to provide a good store of value, we would need truly responsible governments accurately adjusting their fiat money supply to agree with growth or contraction of their economies. But governments aren't trustworthy long-term.

Cryptocurrency could be designed to inflate & deflate based on one sector of one country's economy (such as food or electronics or housing), so that over time a coin would tend to still buy the same quantity of the favored products/services. It would be the extreme opposite of a global currency.

Or a currency could inflate/deflate to agree with the world's average economic growth/contraction. That would add a layer of complexity and risk, in order to make prices somewhat stable over time for those in the largest economies.

Bitcoin's approach is simpler and quite rational but does require users to reprice products and services gradually over time. Long term, price changes are far more likely to become PREDICTABLE with bitcoin than under the whims of governments!

Maybe we should soften the suggestion that the client is "REALLY BETA".

The client does almost-amazing things with currency conversion* and includes a usable trading platform capable of handling a wide variety of crypto AND fiat currencies.

There are many minor usability glitches and it is not as polished as the best btc clients & exchanges. But Opencoin keeps improving it at a much more regular rate than a lot of software.

Any in-browser client is a major security question, mainly useful to attract new users. For large balances a local client is needed and could be written by anyone given the desire.

*(Ripple currency conversion is currency IOU conversion, with counterparty risk. It's like trusting a centralized bitcoin exchange to hold your balances until you withdraw them. I hope the forthcoming decentralized exchanges will be a major challenge to Ripple but right now it's a useful system.)

Here are some recent posts by CampBX, on Reddit, which show their viewpoint:
 

The thread title is a rather cruel attack on a small, brave bitcoin company.  CampBX's latest post on Reddit:


Someone with the power should retitle this thread and move it to Service Discussion.

Ah, maybe the publicity will help a few new customers notice the exchange.

Email is an important attack vector, but images are mainly blocked when they are loaded from external URLs (not embedded in emails) so that users can choose to avoid automated tracking of whether/when they open messages.  Each email can be created with a unique image URL.  When that "image" is fetched, the server sending it can then be pretty confident someone opened the email.

Another reason is to reduce the amount of data downloaded for messages that may well be spam anyway.  (But whitelisted senders' mails are often treated differently, with all images fetched & displayed.)

The shocking jpeg buffer overflow vulnerability dates mainly to 2004 and has been addressed by updated software but that's not to say any software can be fully trusted.

It does make good sense to block unnecessary online content and to use different computers (virtual computers, at least) for financial tasks!

(credit for 'bip' goes to arcke at post #53; i'm just highlighting a rationale for it above.)