I posted this on Reddit today: http://www.reddit.com/r/Bitcoin/comments/376qep/mtgox_one_thing_that_could_have_gone_wrong/.
Since I know that many of you don't read Reddit, I permit myself to post it here as well. Please ignore it in case you have already read it.
Tl;dr: The possibility for a miner to sweep his private key onto the exchange could have been one of the possible ways to hack it.

I'm not an investigator on the issue and I'm not a computer scientist. Like many of you, I used Mt.Gox for many months and I took advantage of the comfortable feature of sweeping my private key into the appropriate form to deposit bitcoins on the exchange. My account's balance almost immediately signaled the increase in the amount without waiting for confirmations, and I was able to trade those bitcoins right away. So far so good.
One year ago, talking in a group of experienced people about the crash, one of them told us Mt.Gox had many problems in moving its hot wallet because the software tried to spend bitcoins coming from miners' private-key deposits. Those particular outputs cannot be spent before 100 blocks, but somehow this situation was not well managed in Mt.Gox, and the personnel were compelled to go and withdraw often from the cold wallet even if the hot wallet balance appeared to be more than sufficient as far as the internal accounting was concerned.
If the internal accounting diverged from the actual total of the hot wallet, it is very plausible that the moment when the software tried to sweep the miners' private key immediately after its deposit was also not signaled and managed properly (here I need some opinion from miners who have experienced the contrary).
It is evident that there was a discrepancy between the internal accounting and the actual spendable outputs in Mt.Gox's hot wallet. This discrepancy may have become chronic and increased over time, as also testified by a recent investigation by WizSec (http://blog.wizsec.jp/2015/04/the-missing-mtgox-bitcoins.html).
My hypothesis is that the software couldn't actually sweep all those private keys at the right time (i.e. after the 100 blocks expired), when it was allowed by the network, because the depositor in some cases (to say the least) used the same key (which was still in his possession) to spend the "frozen" outputs at the right moment, before Mt.Gox's software could. When (and if) Mt.Gox's software also attempted to refer to those outputs, they were obviously no longer spendable.
Some conclusions in WizSec's report appear to be compatible with my hypothesis:
- "By the end of 2011 we are past most data gaps, but we are seeing a clear discrepancy of several hundred thousand BTC between expected holdings and actual holdings,"
- "One recurring pattern eventually stood out: MtGox bitcoins would suddenly get sent to a new non-MtGox address, without any withdrawal log entry, often in fairly recognizable amounts of a few hundred BTC at a time." (Relevant here: miners' private keys at that time held 50 BTC each.)
In summary, if Mt.Gox's software and internal procedures allowed it, one or more malicious miners could have swept one or many private keys, making their personal account balances on the exchange increase immediately (giving them the possibility to sell bitcoins not yet available to Mt.Gox). Then, exactly after 100 blocks, they could have spent those same bitcoins to themselves, leaving Mt.Gox's hot wallet with unmanaged errors and discrepancies.
I know that a normal company would have realized this situation quite quickly, and I would appreciate any critique of my imaginary hypothesis. Nevertheless, I have to note that:
- something incredibly stupid or incredibly smart occurred in that company, so even such a stupid flaw could have gone unnoticed for months;
- maybe this hypothesis could suggest a more coherent one to people more skilled than me.
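As an added illustration (not part of the original post, and not Mt.Gox's code), here is a small simulation of the race the post describes: an exchange that credits a private-key sweep at once versus one that credits only outputs it has actually moved to its own key after coinbase maturity. The 100-block maturity rule is Bitcoin's; the ten 50-BTC outputs, the block heights and the "naive"/"safe" policies are constructed assumptions.

```python
from dataclasses import dataclass
COINBASE_MATURITY = 100  # a coinbase output is spendable in a block at height >= its height + 100

@dataclass
class Utxo:
    value: int      # BTC
    height: int     # block that created the output
    coinbase: bool  # block reward output, subject to the maturity rule
    keys: set       # parties holding a private key able to spend it
    spent: bool = False

def spendable(u, next_height):
    """Can this output be spent in a block mined at next_height?"""
    return not u.spent and (not u.coinbase or next_height - u.height >= COINBASE_MATURITY)

class Ledger:
    """Internal accounting (what customers see) next to the outputs the exchange can spend."""
    def __init__(self):
        self.balances, self.outputs = {}, []
    def total(self):
        return sum(self.balances.values())
    def spendable_now(self, next_height):
        return sum(u.value for u in self.outputs if "exchange" in u.keys and spendable(u, next_height))

def naive_sweep(ledger, user, utxos):
    """Credits on key import alone: no confirmations, no maturity check, key still with depositor."""
    for u in utxos: u.keys.add("exchange")
    ledger.balances[user] = ledger.balances.get(user, 0) + sum(u.value for u in utxos)
    ledger.outputs.extend(utxos)

def safe_sweep(ledger, user, utxos, next_height):
    """Credits only outputs the exchange really moved to its own key, once they are mature."""
    credited = 0
    for u in utxos:
        if spendable(u, next_height):
            u.spent = True  # the exchange's own sweep transaction confirms in this block
            ledger.outputs.append(Utxo(u.value, next_height, False, {"exchange"}))
            credited += u.value
    ledger.balances[user] = ledger.balances.get(user, 0) + credited

def scenario(miner_spends_first, policy):
    """(ledger total, spendable hot wallet) after the maturity race under 'naive' or 'safe'."""
    coins = [Utxo(50, 100, True, {"miner"}) for _ in range(10)]  # constructed: ten 50-BTC rewards
    ledger = Ledger()
    if policy == "naive":
        naive_sweep(ledger, "miner", coins)  # credited at height 100, long before maturity
    if miner_spends_first:
        for c in coins: c.spent = True  # miner spends the now-mature rewards to himself in block 200
    if policy == "safe":
        safe_sweep(ledger, "miner", coins, 200)
    return ledger.total(), ledger.spendable_now(201)
```

Under the naive policy the ledger keeps showing 500 BTC while the spendable hot wallet drops to 0 once the miner spends first; the safe policy never credits what it did not take.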