Greg Maxwell (BTC developer) responds to GOX

[Wyld]

I hadn't seen this posted anywhere.

http://www.cryptocoinsnews.com/2014/02/10/mt-gox-blames-bitcoin-core-developer-greg-maxwell-responds/


<gmaxwell> The Gox press release seems a little ‘spun’ to me. They portray characteristics of the Bitcoin system well known since at least 2011 (which even have their own wiki page ) as something new.
These characteristics are annoying but don’t inhibit basic operation. They are slowly being fixed – but fixing them completely will likely take years as they require changing all wallet software. Correctly-written wallet software can cope with the consequences, and I cannot understand why they would gate their withdraws on external changes.

<GG> Andreas Antonopoulus has examined Gox’s code to some degree, and remarked that they are using a strange “hodgepodge of technologies that are really not suitable for running an exchange.” Do you believe the problem lies in their code rather than the Bitcoin protocol?

<gmaxwell> Oh there is a “problem” in the Bitcoin protocol, known since at least 2011 (see the link I gave). But for normal applications, not involving unconfirmed transactions, it shouldn’t cause any severe problems because wallets can handle it locally.
Basically, third parties can change the transaction IDs of transactions. This means what wallet software must be written to accomodate that and still recognize them when that happens.
What the press release talks about is adding a second kind of transaction ID, which is robust against changes, which would be helpful for tech support purposes. Though it doesn’t resolve all of the issues that being able to modify transactions presents.

<GG> So in other words, Gox should be able to account for this known problem by modifying their internal systems?

<gmaxwell> Yes, internal only changes should account for it. The only remaining issue for Mt. Gox’s application would be some tech support problems, where if a user’s transaction is mutated by a malicious party the txid ["transaction ID"] Mt. Gox told them to expect wouldn’t be the one that ultimately showed up in the blockchain.

[usabitcoinbuyer]

Thanks for the article link.  It was pretty enlightening.

The problem I have with the Mt Gox statement is that it doesn't appear to address the symptoms folks are describing in the forums.  So, ok, txids can be mutated, and dishonest users can claim they never got their BTC.  Well, 1) *honest* users should still receive their withdrawn BTC, just with a different txid, and 2) from a support desk perspective, the process for anyone claiming to have not received their BTC is to look up their deposit address on say.. blockchain.info... to see if it arrived.  If it did, then lock the "dishonest" user's account until it's all sorted out.*

What all the forums are full of are folks claiming long delays in receiving BTC, and apparent double-spends by MtGox themselves, possibly due to their mixing freshly minted coins that can't be spent yet into their hot wallet.  That's not a transaction malleability problem.

If the other exchanges want some positive press at Gox's expense, they should all post a bulletin indicating that they don't have a problem with transaction malleability, and are prepared to let their customers withdraw BTC to their hearts content.

* ... says the user whose account got locked because I'm accused of using Tor or an open proxy... which I haven't.

[passionsurf]

wait, don't read this article until the price drops to $100, so I can secretly buy low!