Bitcoin Forum
June 02, 2015, 03:32:49 AM *
News: Latest stable version of Bitcoin Core: 0.10.2 [Torrent]
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 »  All
  Print  
Author Topic: Peter R's theory on the collapse of MtGox and its effect on the price of bitcoin  (Read 66690 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
Peter R
Hero Member
*****
Online Online

Activity: 602


View Profile

Ignore
March 02, 2014, 10:01:28 PM
 #1

Peter R’s Theory on the Collapse of Mt. Gox


TL/DR: A young man had a secret.  To keep it hidden, he kept digging until the hole was a billion dollars deep.  This is a speculative tale of a great bitcoin theft from MtGox in 2011 and the efforts that this man undertook to fix it.  The tale explains the bitcoin bear market of 2011, the explosive rally of 2013, delayed fiat withdrawals, malled transactions, and a bot named Willy.


By the time you realize that real life has begun, you are already three moves in.”—Author unknown


It was June 19, 2011.  Mark, a 26 year-old young man—a boy really—was ecstatic.  He had recently purchased MtGox—a small, online exchange for trading virtual tokens—and business was booming.   These virtual tokens were called bitcoins and Mark loved them.  

Bitcoins were an obscure curiosity: a peer-to-peer electronic cash system that allowed users to store and exchange credits with any other user in the world, nearly instantly, and without the assistance of a third-party or the permission of an authority.   All that was needed was a 78-digit secret number—a key if you will.

In order for his customers to withdraw their bitcoins over the internet, MtGox stored some of these keys on its online server.   The remaining keys were stored on USB drives and backed up on paper to prevent theft should the server be compromised.  

But theft was hardly a concern.  In October of 2010, bitcoins were trading for $0.10 and the half a million bitcoins held by MtGox was worth only $50,000.   But still Mark took precautions, diligently moving bitcoins to offline storage and leaving only what was necessary for customer withdrawals online.   He truly wanted both his business and bitcoin to succeed.  

By April, the bitcoin price had risen to $1 and by June it had exploded to $30.  Between June 1 and June 15, an additional one million bitcoins were sent to MtGox and immediately sold, crashing the price back to $10.  It was a hectic time, with hundreds of customers needing help, visits from the FBI related to the Silk Road black market, and stress related to the recent market crash.  Young Mark was becoming a victim of his own success: there simply wasn’t enough time to get everything done.  On this very day in June 2011, the keys to the recently-deposited 1,000,000 BTC were still sitting on his server.  

Later this day, a group of hackers gained access to MtGox servers and executed fake trades that the world could see, driving the nominal price of bitcoin near $0.  Mark was frantic.  He quickly regained control of the servers and learned the dark truth: the million bitcoins that had recently flooded in earlier that month were gone.  Mark admitted publically to the hack, rewound the false trades, but kept the truth of the missing coins a secret.  

How could this 26-year old explain to his customers that he had lost their bitcoins?  And if the world found out, would this kill the thing he loved so dearly?  Would he go to jail?  Or worse yet, would someone kill him?  Mark decided that he would do what he thought was right: he would slowly earn back the lost bitcoin with MtGox trading fee profits and eventually make his customers whole again.  He still had over 500,000 BTC left—he moved 424242.42424242 BTC between bitcoin addresses and convinced the community that MtGox was solvent.  As long as withdrawals didn’t exceed deposits over a long period of time, no one would ever find out the truth.  Or so he thought.

Meanwhile, the bitcoin thieves slowly mixed their coins with other coins, obfuscating the chain of ownership, and then re-selling these coins on MtGox using sock-puppet accounts.  Mark tried to stop them, but there was no way he could know for sure which accounts were fraudulent—he even accused innocent people of bitcoin laundering.  The constant selling of these stolen bitcoins drove the price down to $2 in November 2011.  Mark faithfully used all of the MtGox profits to purchase coins back during this decline.  But he would never use customer funds—that was a line he swore not to cross.  

The selling of these stolen bitcoins continued at a diminished rate over 2012, and Mark continually purchased coins using the MtGox trading fees.  The bitcoin economy was growing and new exchanges were opening up across the world.  His bitcoin reserves weren’t building fast enough but the price of bitcoin kept rising (along with the dollar value of the missing bitcoins).  He was worried that other exchanges would suck coins out of Gox and reveal his secret.  He decided he needed to take decisive action: for the first time, he used customer funds to purchase real bitcoins.  These large purchases by Mark further increased demand and ignited the great rally of spring 2013 when the bitcoin price shot from $20 to $266.  Mark had reduced his liability in bitcoins, but in dollar terms the coins that were still missing were worth more than ever before.  

On May 15, 2013 the US Department of Homeland Security seized millions of dollars from the MtGox Dwolla bank account. MtGox dollar reserves were already depleted at this point, and with the recent seizure, Mark could no longer make good on customer withdrawals in US dollars.  

Under the guise of “banking problems,” MtGox slowed US dollar withdrawals to a trickle in the summer of 2013.   Customers became increasingly worried and began to bid up the price of bitcoin on MtGox, as this was the only way to escape with their funds. MtGox had little fiat and very little bitcoins, but it learned one thing: as the price differential between Gox and BitStamp grew, the outwards flow of bitcoin slowed dramatically.  

And so Willy was born.  Willy was a bot, discovered by Wall Observers from bitcointalk.org and named by Opet on Bonavest's trading show, who would consistently purchased bitcoins at regular intervals between November 2013 and February 2014.  Evidence that Willy belonged to Mark was revealed when both web and API trading at Gox was disabled for a brief period of time, exposing Willy as the only one left buying.  

Willy served two purposes: he drove the price of bitcoin on the MtGox exchange high, thereby slowing and sometimes reversing the outward flow of real BTC, and he reduced the number of GoxBTC held by clients.  Of course, this meant that Willy eventually became the owner of a huge number of GoxBTC (that were of course no longer backed by real BTC).  

By December, the situation at MtGox was grim.  In a desperate attempt to attract more funds, Mark offered reduced trading fees under the guise of celebrating their 1,000,000th customer.  This partially worked, but Mark knew it was too late.  If MtGox collapsed, it must appear that he didn’t know about the theft until now—for it was better to appear incompetent than criminal.  

It was time to cover his tracks.

He purposely mixed immature coins into bitcoin withdrawals to delay the outward flow of coins, and later began malling his own transactions.  He added the Gox malleability weakness not as a bug, but as a feature, so that it would seem plausible that outsiders had recently stolen the coins without his awareness.   No coins were actually lost to malleability.  

The MtGox coin supply dwindled to 2,000 BTC and on February 7, 2014 he had no choice but to disable bitcoin withdrawals.   The end was near.  

The problem Mark faced was that his customers had $150,000,000 credited to their accounts, yet the MtGox bank account only contained $38,000,000.  He could blame the missing bitcoins on transaction malleability, but how could he explain where the fiat money went?

He shifted Willy into reverse and cranked the throttle.  Willy relentlessly dumped bitcoins into the open bids.  The price fell further and further, eventually dropping well below the BitStamp price.  But still not enough people were buying!  He needed his customers to buy the GoxBTC.  Willy kept dumping coins until finally the price dropped below $100.  MtGox even acquired new USD bank wires from customers looking to purchase the cheap coins.   By this time, the majority of Gox customers had converted their dollars into bitcoins.  

On February 28, 2014, Mt Gox filed for bankruptcy protection in Tokyo, reporting 6.5 billion yen in liabilities, 3.8 billion yen in assets, and 750,000 of customer bitcoins missing.  Willy had failed to completely close the fiat solvency gap and Mark finally admitted to having lost the coins.

Now we watch the rest of the story unfold.  A story of how an oversight during a hectic period, an untimely theft, and an attempt to cover it up, lead to the greatest loss in the history of bitcoin.  
1433215969
Hero Member
*
Offline Offline

Posts: 1433215969

View Profile Personal Message (Offline)

Ignore
1433215969
Reply with quote  #2

1433215969
Report to moderator
1433215969
Hero Member
*
Offline Offline

Posts: 1433215969

View Profile Personal Message (Offline)

Ignore
1433215969
Reply with quote  #2

1433215969
Report to moderator
1433215969
Hero Member
*
Offline Offline

Posts: 1433215969

View Profile Personal Message (Offline)

Ignore
1433215969
Reply with quote  #2

1433215969
Report to moderator
HaoBTC
Mining Dividend Paid Hourly, Flexible Deposit and Withdrawal, Proven Track Record

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1433215969
Hero Member
*
Offline Offline

Posts: 1433215969

View Profile Personal Message (Offline)

Ignore
1433215969
Reply with quote  #2

1433215969
Report to moderator
1433215969
Hero Member
*
Offline Offline

Posts: 1433215969

View Profile Personal Message (Offline)

Ignore
1433215969
Reply with quote  #2

1433215969
Report to moderator
1433215969
Hero Member
*
Offline Offline

Posts: 1433215969

View Profile Personal Message (Offline)

Ignore
1433215969
Reply with quote  #2

1433215969
Report to moderator
T.Stuart
Sr. Member
****
Offline Offline

Activity: 308


View Profile

Ignore
March 02, 2014, 10:20:14 PM
 #2

Great article!

The only thing I don't agree with is how the coins were stolen in 2011. I think the hackers dumped Goxbtc and not real btc on the exchange to crash the price to zero. The theft would more likely have been some kind of inside job.

EDIT: sorry - this statement actually fits with what you are saying  Grin But I do think it is either Mark or someone close to him who has the coins.
yrtrnc
Sr. Member
****
Offline Offline

Activity: 364


Long live Bitcoin


View Profile

Ignore
March 02, 2014, 10:23:07 PM
 #3

Thanks,  great story.

Long live Bitcoin
Donations:
1PhAambgbhYjAfN4GHjhPJXGgsukBsohuv
jojo69
Hero Member
*****
Offline Offline

Activity: 700



View Profile

Ignore
March 02, 2014, 10:33:53 PM
 #4

The best thinking on the matter to date.

This is not some pseudoeconomic post-modern Libertarian cult, it's an un-led, crowd-sourced mega startup organized around mutual self-interest where problems, whether of the theoretical or purely practical variety, are treated as temporary and, ultimately, solvable.
Censorship of e-gold was easy. Censorship of Bitcoin will be… entertaining.
sobriket
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
March 02, 2014, 10:45:14 PM
 #5

Please link to evidence of the existence of Willy and its persistent buying during API outage
T.Stuart
Sr. Member
****
Offline Offline

Activity: 308


View Profile

Ignore
March 02, 2014, 10:52:44 PM
 #6

Please link to evidence of the existence of Willy and its persistent buying during API outage

You had to be there to see it. While there are loads of bots trading exchanges this Gox bot spent the first couple of months only buying at regular intervals of a few minutes (periods of an hour or so several times a day most days), and the last couple of weeks selling at the same rate or faster! By the end it was impossible not to notice.
sobriket
Member
**
Offline Offline

Activity: 84


View Profile

Ignore
March 02, 2014, 11:18:11 PM
 #7

Please link to evidence of the existence of Willy and its persistent buying during API outage

You had to be there to see it. While there are loads of bots trading exchanges this Gox bot spent the first couple of months only buying at regular intervals of a few minutes (periods of an hour or so several times a day most days), and the last couple of weeks selling at the same rate or faster! By the end it was impossible not to notice.
Okay, but what about its persistence during API outage? Perhaps a link to a forum post?
BTC_Bear
B4 Foundation
VIP
Sr. Member
*
Offline Offline

Activity: 378


Best Offense is a Good Defense


View Profile WWW

Ignore
March 02, 2014, 11:22:48 PM
 #8

Can I get the movie rights?

Has to be better than Suck My Geek.

Corporations have been enthroned, An era of corruption in high places will follow and the money power will endeavor to prolong its reign by working on the prejudices of the people until wealth is aggregated in a few hands and the Republic is destroyed. ~Abe Lincoln 1ApJdWUdSWYw8n8HEATYhHXA9EYoRTy7c4
Peter R
Hero Member
*****
Online Online

Activity: 602


View Profile

Ignore
March 02, 2014, 11:23:13 PM
 #9

Please link to evidence of the existence of Willy and its persistent buying during API outage

You had to be there to see it. While there are loads of bots trading exchanges this Gox bot spent the first couple of months only buying at regular intervals of a few minutes (periods of an hour or so several times a day most days), and the last couple of weeks selling at the same rate or faster! By the end it was impossible not to notice.
Okay, but what about its persistence during API outage? Perhaps a link to a forum post?

There should be several posts in the Wall Observer thread that document this.  Unfortunately, there are thousands of pages to search through.  I didn't comment on it direcly, so I can't check my post history, and I don't remember the exact date when this happened.  Hopefully someone else remembers and we can reference the old posts.  

The other thing I'd like to reference is something about some "secret" that Mark had.  I remember vaguely something about an important secret, but I forget where I originally heard this.  
Dalmar
Sr. Member
****
Offline Offline

Activity: 434


View Profile

Ignore
March 02, 2014, 11:23:55 PM
 #10

Nice read.
Peter R
Hero Member
*****
Online Online

Activity: 602


View Profile

Ignore
March 02, 2014, 11:31:57 PM
 #11

I thought this comment from Reddit was interesting:


  • Gargoyle88 2 points 18 seconds ago

Oh, and you could roll the failed partnership with Coinlab in there. Maybe Karpeles didn't realize that he would have to:

"Mt. Gox has failed to deliver all passwords,Yubikeys, administrative logins and any other security information required so that CoinLab may assume operation of the Bitcoin exchange services for customers in the United States and Canada.."

Realizing that this would expose the whole mess, he chose to breach and risk the lawsuit that followed.



mitus-2
Full Member
***
Offline Offline

Activity: 154



View Profile

Ignore
March 02, 2014, 11:33:40 PM
 #12

The best explanation so far

chriswilmer
Hero Member
*****
Offline Offline

Activity: 882


View Profile WWW

Ignore
March 02, 2014, 11:33:47 PM
 #13

Super write-up! I've mostly avoided reading the various theories on what happened to Mt.Gox... but this one is really great! Self-consistent and plausible.

(Also, it's a theory that worries me much less than one where 700,000+ bitcoins were stolen very recently)
chriswilmer
Hero Member
*****
Offline Offline

Activity: 882


View Profile WWW

Ignore
March 02, 2014, 11:35:06 PM
 #14

I thought this comment from Reddit was interesting:


  • Gargoyle88 2 points 18 seconds ago

Oh, and you could roll the failed partnership with Coinlab in there. Maybe Karpeles didn't realize that he would have to:

"Mt. Gox has failed to deliver all passwords,Yubikeys, administrative logins and any other security information required so that CoinLab may assume operation of the Bitcoin exchange services for customers in the United States and Canada.."

Realizing that this would expose the whole mess, he chose to breach and risk the lawsuit that followed.





That's kind of funny actually. Coinlab has just had an endless string of disasters (Alydian mining? *facepalm*)... but now it actually looks like they dodged a bullet by not taking over Mt.Gox!
chriswilmer
Hero Member
*****
Offline Offline

Activity: 882


View Profile WWW

Ignore
March 02, 2014, 11:40:31 PM
 #15

Hmm... it's a little crazy to think that Mt.Gox's fumblings may have played critical roles in Bitcoin rallies as well as, obviously, the spectacular crashes.

Peter, you should be a writer!

Peter R
Hero Member
*****
Online Online

Activity: 602


View Profile

Ignore
March 02, 2014, 11:44:41 PM
 #16

Super write-up! I've mostly avoided reading the various theories on what happened to Mt.Gox... but this one is really great! Self-consistent and plausible.

(Also, it's a theory that worries me much less than one where 700,000+ bitcoins were stolen very recently)


Thanks Chris and everyone else for the compliments.  I couldn't have put this story together without all the smart ideas and pieces of the puzzle I learned from the other contributors here.  


I should say again for everyone reading that this story is a mixture of fact and speculation.  It could turn out to be wrong, of course.  
theonewhowaskazu
Sr. Member
****
Offline Offline

Activity: 448


View Profile

Ignore
March 02, 2014, 11:48:36 PM
 #17

I suppose this could be real, but if your willing to (A) hold only fractional reserves and (B) not allow withdraws of a certain currency for an indefinite period of time, it was still perfectly possible for Mark to get out of this.

If Willy had reversed before Bitcoin withdraws were dissabled, then it would have gotten ~$1000 per coin for some coins. Then, dissable withdraws with Willy going the whole way down, hell, Willy could have probably cleared the entire orderbook from $1000 to $100 in a day and nobody would have questioned it, given the "bad news" of Gox not enabling withdraws. Hell, nobody questioned it when it happened on Bitfinex/BTC-E. Thats a LOT OF MONEY and probably an average price per Bitcoin of about $700.

With such a huge selloff Willy could almost surely get back more coins back than it sold, without wasting any fiat. And if it couldn't, people couldnt' withdraw Bitcoins anyway. If they expected MTGox Bitcoins to have as good credit risk as Gox fiat, then just issue Bitcoins to yourself in your DB, send it to Bitcoin builder, and withdraw real Bitcoins, and sell those Bitcoins on stamp, and grow your USD reserves, while pushing down the BTC price on your exchange because you're filling it will fake BTC. Then buy the BTC up with the arbitrage'd dollars from stamp. If people DON'T expect MTGox Bitcoins to have as good credit risk as Gox fiat, then just buy the coins with willy after tanking your own market and causing a huge market. In either case, the end result is that you end up with MORE Bitcoins than you started with, without losing any fiat, and in fact gaining fiat in the form of tx fees while the whole panic is going on.

Then, calmly open withdraws back up, a couple of days later, and claim that nothing happened but a glitch in TX malleability, and then posts like the OP's wouldn't even exist. And when you open up withdraws, BUY BITCOINS LIKE NUTS going into the announcement. Result? Huge price increase, and you can sell your BTC back for MUCH more expensive, and now you're making fiat too. Repeat maybe one more time and you're solvent in both BTC and USD.

chriswilmer
Hero Member
*****
Offline Offline

Activity: 882


View Profile WWW

Ignore
March 02, 2014, 11:53:45 PM
 #18

I suppose this could be real, but if your willing to (A) hold only fractional reserves and (B) not allow withdraws of a certain currency for an indefinite period of time, it was still perfectly possible for Mark to get out of this.

If Willy had reversed before Bitcoin withdraws were dissabled, then it would have gotten ~$1000 per coin for some coins. Then, dissable withdraws with Willy going the whole way down, hell, Willy could have probably cleared the entire orderbook from $1000 to $100 in a day and nobody would have questioned it, given the "bad news" of Gox not enabling withdraws. Hell, nobody questioned it when it happened on Bitfinex/BTC-E. Thats a LOT OF MONEY and probably an average price per Bitcoin of about $700.

With such a huge selloff Willy could almost surely get back more coins back than it sold, without wasting any fiat. And if it couldn't, people couldnt' withdraw Bitcoins anyway. If they expected MTGox Bitcoins to have as good credit risk as Gox fiat, then just issue Bitcoins to yourself in your DB, send it to Bitcoin builder, and withdraw real Bitcoins, and sell those Bitcoins on stamp, and grow your USD reserves, while pushing down the BTC price on your exchange because you're filling it will fake BTC. Then buy the BTC up with the arbitrage'd dollars from stamp. If people DON'T expect MTGox Bitcoins to have as good credit risk as Gox fiat, then just buy the coins with willy after tanking your own market and causing a huge market. In either case, the end result is that you end up with MORE Bitcoins than you started with, without losing any fiat, and in fact gaining fiat in the form of tx fees while the whole panic is going on.

Then, calmly open withdraws back up, a couple of days later, and claim that nothing happened but a glitch in TX malleability, and then posts like the OP's wouldn't even exist. And when you open up withdraws, BUY BITCOINS LIKE NUTS going into the announcement. Result? Huge price increase, and you can sell your BTC back for MUCH more expensive, and now you're making fiat too. Repeat maybe one more time and you're solvent in both BTC and USD.

I think you're basically suggesting that Mt.Gox could have day-traded its way out of insolvency. Sure, that could always work in theory... but there's no guarantee the market wouldn't move against you (people could still arbitrage with other exchanges if withdrawals weren't disabled). Mark might have just dug an even deeper hole (in fact, I think this is how some traditional banks have failed to get out of insolvency...).
varta
Newbie
*
Offline Offline

Activity: 4


View Profile

Ignore
March 02, 2014, 11:58:07 PM
 #19

I wished I found a flaw in your plot, because it is devastating for anyone's hope of ever getting stuck assets out of Gox.
But so far I didn't find any. Congrats, that all sounds quite reasonable to me.

Looking at the volume charts between mid 2011 and today, Gox may have gained about 200k-300k btc in total from fees.
That lines up well with about 800K btc missing, operating cost can probably be neglected in that calculation.

Keeping the keys for 1000000 btc on the server would not have been necessary. Once there was a substantial amount of btc on hot wallet addresses, they could have sent them to cold storage with one click, even if this was a paper wallet being locked in a bank safe.

What's left, at least for me, is to check for any confirmation of a $1000k steal on that day. We are looking for $1000k coins which mostly entered Gox during the weeks before and then were all spent more or less at once. The thief would have had to do the latter in order to prevent Gox from spending them first using a backup of the wallet, after the theft had been detected.

I wonder how plausible it is that the fact of such an amount of coins being stolen could be kept secret. But never verifying your wallets against the blockchain would  certainly be helpful. In that context, the late detection of of double-spends due to TM is even plausible without introducing TM on purpose.
chriswilmer
Hero Member
*****
Offline Offline

Activity: 882


View Profile WWW

Ignore
March 03, 2014, 12:00:02 AM
 #20

^^

Oh right, I didn't think of this. Couldn't most exchanges have deposits go straight to cold storage? *shrugs* Maybe Mt.Gox didn't run that way.
Pages: [1] 2 3 4 5 6 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!