New Mt Gox Press Release - Feb 10 - they are claiming flaw in bitcoin protocol !

[zyk]

that implies thats really the bitcoin protcol itself which needs an urgent fix or it can´t get anymore traction...OMG

[1715077875]

1715077875

[1715077875]

1715077875

[BitcoinSniper]

We must all do our parts to counter this bad press by creating Positive PR in the Media . Please support the bitcoin space mission https://bitcointalk.org/index.php?topic=441303.0


I am trying to generate positive NEWS for Bitcoin

[justusranvier]

You overstate your case, unless you wish to argue that Satoshi was not competent.

Considering some of the bugs that made it into his initial release, it's at least safe to say he's a better cryptographer than software engineer.

In any case, the reissue fraud is more or less independent of mutation.  The way you protect yourself against double payment when reissuing is that you must spend at least some of the same coins so that only one transaction or the other can get mined.  If you do this, no amount of mutation will result in funds loss (though it might confuse people!),  if you don't do this then you can still have payments doubled up even with no mutation at all.   (E.g. first payment delay, second authored, second gets confirmed, first gets rebroadcast and makes it in too).

It appears that Mt Gox was trying to function using "dead reckoning" accounting by treating their internal database as canonical when in fact only the blockchain is canonical. This is incompetent accounting even in the fiat world - it's like going off your checkbook balance exclusively and never checking your actual bank account balance. (For everybody not born in ancient times, this is an analogy from the dark ages of the 1980s and 1990s).

That's what I meant by being incompetent. If one of your UTXOs gets spent by being included in a transaction that makes it into the blockchain, your wallet should notice this regardless of anything else you think should be happening. Theirs didn't - if it did they wouldn't have this problem.

This is in addition to other errors like not accounting for coin maturation and also their long, multi-year history of failing to respond to problems proactively when they are first pointed out as opposed to waiting for catastrophe to take action.

[darkmule]

Seems to me the problem here is that Gox, amazingly enough, is once again unable to meet its obligations and casts the blame on something, anything else, crashing the price of Bitcoin and generating bad press.  This is called pissing in the well.

[Gulinborsti]

Now, can somebody hack their news CMS so we can modify the statement?

There is not much that needs to be changed:

"A bug in OUR bitcoin software makes it possible ..."

[BitcoinSniper]

We must all do our parts to counter this bad press by creating Positive PR in the Media . Please support the bitcoin space mission https://bitcointalk.org/index.php?topic=441303.0


I am trying to generate positive NEWS for Bitcoin

The damage has already been done we must know counteract this negative NEWS and start creating positive NEWS in the MEDIA

[roslinpl]

Seems like a lot of us misunderstood gox annoucment.

Like we alreadyy know bug was in their system not in bitcoin network.

[keithers]

It seems that if they are going down, they want to try and take the entire ship with it

[dorobotsdream]

That's not actually a Bitcoin double-spend, though.

This. Quit talking about double spending, this is confusing. Notice that MtGox communication don't talk about double spend at all, either.
It's just a voluntary MtGox double send.

Yes, that is a more apt naming for it.

I just examined an outgoing transaction from Mt. Gox that I made earlier and how it got noted in the blockchain. Their regular scriptIn seems to be <sig> <pubKey> with an uncompressed pubkey. Anyone seen different scriptIns from Mt. Gox?

[zyk]

Had Mt Gox been competent at all when designing their custom wallet software, they would have noted that tx-ids are mutable

You overstate your case, unless you wish to argue that Satoshi was not competent.

In any case, the reissue fraud is more or less independent of mutation.  The way you protect yourself against double payment when reissuing is that you must spend at least some of the same coins so that only one transaction or the other can get mined.  If you do this, no amount of mutation will result in funds loss (though it might confuse people!),  if you don't do this then you can still have payments doubled up even with no mutation at all.   (E.g. first payment delay, second authored, second gets confirmed, first gets rebroadcast and makes it in too).

with reissuing fraud possible because of the bitcoin protocol itself , there needs to be a software applied which guarentees

that the same coins being tried to use

no exchange uses this up to date....so  BTC is UNSAFE

[terman45x]

I haven't read this entire thread yet, but is this true? The TX ID can be modified and re-broadcast to effectively double-spend? If this is the case, not only is MtGox justified in their issues, but they've also demonstrated to the entire world how stupid this community is to believe BTC is without flaw and can't be taken to $0 if the right individuals were to go through this protocol with a fine-toothed comb. What a terrible concept to implement. What is the purpose of a TX ID if not to identify a TX? What could possibly be achieved by allowing such an ID to be modified?

You got Goxed  

It only shows how terrible software MtGox has.

The good news is Im confident MtGox is finally out of business and they will not scam more people with their fraction reserve practices

[BTCisthefuture]

Gox being gox.  Whenever something goes wrong with them it's never their fault and always the result of some outside factor.

I agree with others that by gox blaming bitcoin for the problem its going to lead to some really bad press in the coming days/weeks.  As usually though things will eventually smooth out as people realize bitcoin is still sound.

[DooMAD]

with reissuing fraud possible because of the bitcoin protocol itself , there needs to be a software applied which guarentees

that the same coins being tried to use

no exchange uses this up to date....so  EXCHANGES ARE UNSAFE

FTFY

[Kouye]

that the same coins being tried to use

no exchange uses this up to date....so  BTC is UNSAFE

That is completely false, the coins sent on the second Tx are NOT the same.
There is no BTC serious flaw.

Client withdraws money
Client receives the coins
Client later calls MtGox support and says "i want the same amount of coins again, even though my balance is zero".
Mt Gox sends the same amount of coins again.

That's it.

[Rampion]

Had Mt Gox been competent at all when designing their custom wallet software, they would have noted that tx-ids are mutable

You overstate your case, unless you wish to argue that Satoshi was not competent.

In any case, the reissue fraud is more or less independent of mutation.  The way you protect yourself against double payment when reissuing is that you must spend at least some of the same coins so that only one transaction or the other can get mined.  If you do this, no amount of mutation will result in funds loss (though it might confuse people!),  if you don't do this then you can still have payments doubled up even with no mutation at all.   (E.g. first payment delay, second authored, second gets confirmed, first gets rebroadcast and makes it in too).

with reissuing fraud possible because of the bitcoin protocol itself , there needs to be a software applied which guarentees

that the same coins being tried to use

no exchange uses this up to date....so  BTC is UNSAFE

Don't know if you are mentally challenged or just a FUD spreader.

Read again: BTC is perfectly safe. Transaction malleability is a well documented issue and its nothing to be worried about unless you run a custom bitcoin impletation which is vulnerable to transaction malleability. The standard implentation is (Bitcoin-QT, bitcoind) is perfectly safe.

[zyk]

with reissuing fraud possible because of the bitcoin protocol itself , there needs to be a software applied which guarentees

that the same coins being tried to use

no exchange uses this up to date....so  EXCHANGES ARE UNSAFE

FTFY

sorry...he fixed it for me already..


but whats BTC gonna do without exchanges....at least in the shorttime??

[hilariousandco]

http://www.businessweek.com/news/2014-02-10/is-bitcoin-over-mt-dot-gox-pauses-withdrawals

Sigh

 

All of the old world institutions that worship ‎John Maynard Keynes will be shamed.

We need to amass an army of commenters at the bottom of every single article like this one to refute such foolishness with facts and history about the bitcoin network's resiliency rating.

The BTC train has already left the building.  Get on or get flattened.

All that will do is make the commenter army look like rabid fanboys and probably backfire. Hopefully their readers will be smarter than the 'journalists'.

[dorobotsdream]

If Mt. Gox really has been defrauded, then they must be able to present us with one of their outgoing transactions (obviously from before their statements) incorporated in the blockchain where the scriptIn does not follow their normal pattern.

Either extra operations would have been included in the scriptIn, the format of the pubkey would use a different format or the signature would be non-canonical or it's DER representation. I am assuming that they would use an automated did we really pay this script to update their checkbooks, and that it could have been fooled by any of these manipulations.

There would still need to be some party involved in changing this part of the transaction (wittingly or not) and some client with a Mt. Gox account making use of the changed transaction to later seduce Mt. Gox into paying twice.

[mikekolba]

Nice response here...

https://bitcoinfoundation.org/blog/

[coins101]

We must all do our parts to counter this bad press by creating Positive PR in the Media . Please support the bitcoin space mission https://bitcointalk.org/index.php?topic=441303.0


I am trying to generate positive NEWS for Bitcoin

Gox: Bitcoin code is broken.

Gavin Andersen: No its not. Gox is broken.

That is what you call positive news.

A large exchange has challenged the community saying there is a problem with Bitcoin. Turns out they just validated that bitcoin code works and they are left with the bitcoin community turning their back on them, as soon as everyone is able.