Bitcoin Forum
November 26, 2020, 02:18:08 AM *
News: Bitcointalk Community Awards
 
   Home   Help Search Login Register More  
Pages: 1 2 3 4 5 6 [All]
  Print  
Author Topic: someone fucked up and lost ALOT of money  (Read 30030 times)
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 29, 2011, 12:30:24 AM
Last edit: October 30, 2011, 02:20:13 AM by genjix
 #1

thanks to phantomcircuit for asking me to investigate:

Code:
depth  | index_in_block |   encode   |    value     |                             tx_hash                              |    when_created    
--------+----------------+------------+--------------+------------------------------------------------------------------+---------------------
 150951 |             23 | 76a90088ac |  24.31000000 | 111291fcf8ab84803d42ec59cb4eaceadd661185242a1e8f4b7e49b79ecbe5f3 | 2011-10-28 21:11:28
 150951 |             22 | 76a90088ac | 100.00000000 | 81f591582b436c5b129f347fe7e681afd6811417973c4a4f83b18e92a9d130fd | 2011-10-28 21:11:28
 150951 |             21 | 76a90088ac |  37.00000000 | ddddf9f04b4c1d4e1185cacf5cf302f3d11dee5d74f71721d741fbb507062e9e | 2011-10-28 21:11:28
 150951 |             20 | 76a90088ac |  98.48055000 | 305fbc2ec7f7f2bc5a21d2dfb01a5fc52ab5d064a7278e2ecbab0d2a27b8c392 | 2011-10-28 21:11:28
 150951 |             19 | 76a90088ac |  39.81000000 | f0137a6b31947cf7ab367ae23942a263272c41f36252fcd3460ee8b6e94a84c1 | 2011-10-28 21:11:28
 150951 |             18 | 76a90088ac |  65.00000000 | 633acf266c913523ab5ed9fcc4632bae18d2a7efc1744fd43dd669e5f2869ce5 | 2011-10-28 21:11:28
 150951 |             17 | 76a90088ac | 100.00000000 | 5bd88ab32b50e4a691dcfd1fff9396f512e003d7275bb5c1b816ab071beca5ba | 2011-10-28 21:11:28
 150951 |             16 | 76a90088ac |  21.00000000 | 64c01fedd5cf6d306ca18d85e842f068e19488126c411741e089be8f4052df09 | 2011-10-28 21:11:28
 150951 |             15 | 76a90088ac |  35.78400000 | 3be0ac3dc1c3b7fa7fbe34f4678037ed733a14e801abe6d3da42bc643a651401 | 2011-10-28 21:11:28
 150951 |             14 | 76a90088ac | 100.00000000 | 9edab6e7fadf1d6006315ff9394c08a7bf42e19cf61502200a1f73994f8da94b | 2011-10-28 21:11:28
 150951 |             13 | 76a90088ac | 100.00000000 | 835d4dcc52e160c23173658de0b747082f1937d1184e8e1838e9394bc62c0392 | 2011-10-28 21:11:28
 150951 |             12 | 76a90088ac | 143.62000000 | aebe39a99114f1b46fc5a67289545e54cbfec92d08fc8ffc92dc9df4a15ea05a | 2011-10-28 21:11:28
 150951 |             11 | 76a90088ac | 367.75849319 | aa62bdd690de061a6fbbd88420f7a7aa574ba86da4fe82edc27e2263f8743988 | 2011-10-28 21:11:28
 150951 |             10 | 76a90088ac | 100.00000000 | 6a86e6a5e8d5f9e9492114dafe5056c5618222f5042408ad867d3c1888855a31 | 2011-10-28 21:11:28
 150951 |              9 | 76a90088ac |  35.78000000 | 7ad47a19b201ce052f98161de1b1457bacaca2e698f542e196d4c7f8f45899ab | 2011-10-28 21:11:28
 150951 |              8 | 76a90088ac | 100.00000000 | 0ca7f7299dc8d87c26c82badf9a303049098af050698c694fbec35c4b08fc3df | 2011-10-28 21:11:28
 150951 |              7 | 76a90088ac | 100.00000000 | 3ab5f53978850413a273920bfc86f4278d9c418272accddade736990d60bdd53 | 2011-10-28 21:11:28
 150951 |              6 | 76a90088ac | 497.00000000 | 03acfae47d1e0b7674f1193237099d1553d3d8a93ecc85c18c4bec37544fe386 | 2011-10-28 21:11:28
 150951 |              5 | 76a90088ac | 100.00000000 | 15ad0894ab42a46eb04108fb8bd66786566a74356d2103f077710733e0516c3a | 2011-10-28 21:11:28
 150951 |              4 | 76a90088ac | 200.00000000 | 2d00ef4895f20904d7d4c0bada17a8e9d47d6c049cd2e5002f8914bfa7f1d27b | 2011-10-28 21:11:28
 150951 |              3 | 76a90088ac |  98.00000000 | 6d39eeb2ae7f9d42b0569cf1009de4c9f031450873bf2ec84ce795837482e7a6 | 2011-10-28 21:11:28
 150951 |              2 | 76a90088ac | 100.00000000 | 07d33c8c74e945c50e45d3eaf4add7553534154503a478cf6d48e1c617b3f9f3 | 2011-10-28 21:11:28
 150951 |              1 | 76a90088ac |  45.82000000 | 6d5088c138e2fbf4ea7a8c2cb1b57a76c4b0a5fab5f4c188696aad807a5ba6d8 | 2011-10-28 21:11:28

2609.36304319 BTC of irretrievable money.

EDIT: explanation,

The script looks like: 76a90088ac

That's the standard transaction (tx for short) which is:

dup (0x76), hash160 (0xa9), 0x14 (push 20 bytes to the stack), .... (next 20 bytes of hash of public key), equalverify (0x88), checksig (0xac)

Only in this case the 0x14 has been replaced by 00, which in scripting language means push 0 bytes.

It's a tx which has been sent to nothing. Obviously someone was hacking at bitcoin or making a custom version and messed up- although I have no idea what it was doing with so much money.
1606357088
Hero Member
*
Offline Offline

Posts: 1606357088

View Profile Personal Message (Offline)

Ignore
1606357088
Reply with quote  #2

1606357088
Report to moderator
1606357088
Hero Member
*
Offline Offline

Posts: 1606357088

View Profile Personal Message (Offline)

Ignore
1606357088
Reply with quote  #2

1606357088
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1606357088
Hero Member
*
Offline Offline

Posts: 1606357088

View Profile Personal Message (Offline)

Ignore
1606357088
Reply with quote  #2

1606357088
Report to moderator
1606357088
Hero Member
*
Offline Offline

Posts: 1606357088

View Profile Personal Message (Offline)

Ignore
1606357088
Reply with quote  #2

1606357088
Report to moderator
1606357088
Hero Member
*
Offline Offline

Posts: 1606357088

View Profile Personal Message (Offline)

Ignore
1606357088
Reply with quote  #2

1606357088
Report to moderator
I.Goldstein
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
October 29, 2011, 12:43:01 AM
 #2

Well, that's a price increase.
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1000



View Profile
October 29, 2011, 12:49:11 AM
 #3

And why is it unaccessible?

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
worldinacoin
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
October 29, 2011, 01:00:32 AM
 #4

I don't understand that list, can anyone kindly elaborate.  Deeply appreciated.
chieffery
Member
**
Offline Offline

Activity: 98
Merit: 10


Feedback: +6


View Profile
October 29, 2011, 01:02:47 AM
 #5

I don't understand that list, can anyone kindly elaborate.  Deeply appreciated.

+1, a layman's would be nice.

BTC - 194ihPS7DTegoerp1WdRKED7PQCosyq2eL
LTC - LdTHdHo5GDDnQW5gSMNZ7zr8HFitZ7qRmC
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 01:04:38 AM
 #6

As far as I understand it, someone sent money to an "address" that wasn't properly formatted. As such, the money is sent, but never arrives anywhere. Most likely this was done by someone with a non-standard client, because the standard client can't do this. So it's either someone messing around with modifying the standard client code, or someone with custom code altogether (think exchanges etc).

randomguy7
Hero Member
*****
Offline Offline

Activity: 528
Merit: 500


View Profile
October 29, 2011, 01:07:38 AM
 #7

What, the network (the miners) accepts transactions with malformed destination addresses?
tvbcof
Legendary
*
Offline Offline

Activity: 3388
Merit: 1160


View Profile
October 29, 2011, 01:08:49 AM
 #8

As far as I understand it, someone sent money to an "address" that wasn't properly formatted. As such, the money is sent, but never arrives anywhere. Most likely this was done by someone with a non-standard client, because the standard client can't do this. So it's either someone messing around with modifying the standard client code, or someone with custom code altogether (think exchanges etc).

There has been some recent whining about people not recieving the BTC from Mt Gox.  Hmmmm.

sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 01:09:36 AM
 #9

What, the network (the miners) accepts transactions with malformed destination addresses?
It shouldn't, but it did. There's currently an investigation at the miner in question how this happened.

theymos
Administrator
Legendary
*
Offline Offline

Activity: 3948
Merit: 7961


View Profile
October 29, 2011, 01:19:03 AM
 #10

http://blockexplorer.com/tx/5bd88ab32b50e4a691dcfd1fff9396f512e003d7275bb5c1b816ab071beca5ba#o1

I think it would be redeemable if you had 1111111111111111111114oLvT2.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
dunand
Hero Member
*****
Offline Offline

Activity: 637
Merit: 501



View Profile
October 29, 2011, 01:19:23 AM
 #11

It means that I'm approximately 0.00035% richer. Woo-ooh!

Sorry to hear that anyhow.
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 29, 2011, 01:23:01 AM
Last edit: October 30, 2011, 02:19:41 AM by genjix
 #12

The script looks like: 76a90088ac

That's the standard transaction (tx for short) which is:

dup (0x76), hash160 (0xa9), 0x14 (push 20 bytes to the stack), .... (next 20 bytes of hash of public key), equalverify (0x88), checksig (0xac)

Only in this case the 0x14 has been replaced by 00, which in scripting language means push 0 bytes.

It's a tx which has been sent to nothing. Obviously someone was hacking at bitcoin or making a custom version and messed up- although I have no idea what it was doing with so much money.
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 01:24:02 AM
 #13

It seems that coins were sent to the address "0", which is obviously not a valid address. This is impossible with the standard client, and as such was done by someone running custom code.
About the network accepting it, I'll quote a bit of IRC conversation:
Quote
[03:01] <Glyph-Minus-229> the protocol doesn't prevent sending to invalid addreses?
[03:02] <gmaxwell> No, the protocol makes MANY things possible.
[03:02] <gmaxwell> The transactions are little programs that govern their redemption.
[03:03] <gmaxwell> There is probably no polynomial time that can identify all unspendable transactions.
So basically, it's not really possible to check for all things that go wrong. The bitcoin protocol supports a lot more than just sending coins from A to B, even though that's mainly what you see in the normal client nowadays. The miners need to accept "unusual transactions" though, as long as they adhere to the bitcoin protocol.

That's as far as I understand it. Is that layman-approved?

theymos
Administrator
Legendary
*
Offline Offline

Activity: 3948
Merit: 7961


View Profile
October 29, 2011, 01:30:26 AM
 #14

@theymos, nope. It has no destination pubkey.

Ah, hash160 will always produce 20 bytes, and with equalverify leading zeroes matter. So it can't be spent.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 29, 2011, 01:34:01 AM
Last edit: October 30, 2011, 02:21:52 AM by genjix
 #15

Ah, hash160 will always produce 20 bytes, and with equalverify leading zeroes matter. So it can't be spent.

Yeah I realised that once I saw that 0x00 is OP_0 rather than push 0 bytes.

EDIT: on closer inspection, actually OP_0 is defined but not ever used. The normal behaviour of the client is to push 0 bytes, so there can't be any destination address.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3948
Merit: 7961


View Profile
October 29, 2011, 01:38:40 AM
 #16

@theymos, how do you get that number? I get: 1FYMZEHnszCHKTBdFZ2DLrUuk3dGwYKQxh

This is an address transaction, so assuming (incorrectly) that we're comparing numbers instead of bytes, the all-zero hash160 with the address I posted would work.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
chieffery
Member
**
Offline Offline

Activity: 98
Merit: 10


Feedback: +6


View Profile
October 29, 2011, 01:50:05 AM
 #17

It seems that coins were sent to the address "0", which is obviously not a valid address. This is impossible with the standard client, and as such was done by someone running custom code.
About the network accepting it, I'll quote a bit of IRC conversation:
Quote
[03:01] <Glyph-Minus-229> the protocol doesn't prevent sending to invalid addreses?
[03:02] <gmaxwell> No, the protocol makes MANY things possible.
[03:02] <gmaxwell> The transactions are little programs that govern their redemption.
[03:03] <gmaxwell> There is probably no polynomial time that can identify all unspendable transactions.
So basically, it's not really possible to check for all things that go wrong. The bitcoin protocol supports a lot more than just sending coins from A to B, even though that's mainly what you see in the normal client nowadays. The miners need to accept "unusual transactions" though, as long as they adhere to the bitcoin protocol.

That's as far as I understand it. Is that layman-approved?

+rep, appreciate the info, though now im left wondering...

BTC - 194ihPS7DTegoerp1WdRKED7PQCosyq2eL
LTC - LdTHdHo5GDDnQW5gSMNZ7zr8HFitZ7qRmC
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 01:56:38 AM
 #18

Maybe this helps.
It seems MtGox made a mistake somewhere.
Quote
<MagicalTux> that's a problem, but not the worst problem we ever faced
<MagicalTux> all the broken withdraws have been re-issued
<MagicalTux> just spent one week of BTC-only income
MagicalTux is a dev of MtGox.

tvbcof
Legendary
*
Offline Offline

Activity: 3388
Merit: 1160


View Profile
October 29, 2011, 02:09:07 AM
 #19

Maybe this helps.
It seems MtGox made a mistake somewhere.
Quote
<MagicalTux> that's a problem, but not the worst problem we ever faced
<MagicalTux> all the broken withdraws have been re-issued
<MagicalTux> just spent one week of BTC-only income
MagicalTux is a dev of MtGox.

Damn.  A quick peek at bitcoincharts and back-of-the-envelope calc after my above note lead me to believe that they could make it back in a week.  More luck than any real understanding though.


sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
worldinacoin
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
October 29, 2011, 02:18:23 AM
 #20

All these bitcoins, can they be retrieved or is it "Sayonara" for them?  That's really a lot of money!
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 02:19:19 AM
 #21

They're gone. No chance of retrieval.

Edit: Technically, if >50% of the miners agree, they could take the blockchain before the block with these transactions, and then generate a blockchain which is longer than the current one, without the transactions. It's unlikely that this happens though.

tvbcof
Legendary
*
Offline Offline

Activity: 3388
Merit: 1160


View Profile
October 29, 2011, 02:21:00 AM
 #22

Maybe this helps.
It seems MtGox made a mistake somewhere.
Quote
<MagicalTux> that's a problem, but not the worst problem we ever faced
<MagicalTux> all the broken withdraws have been re-issued
<MagicalTux> just spent one week of BTC-only income
MagicalTux is a dev of MtGox.

Damn.  A quick peek at bitcoincharts and back-of-the-envelope calc after my above note lead me to believe that they could make it back in a week.  More luck than any real understanding though.


...and...I've had a long-term dream of Mt. Gox 'crashing the train' and increasing the value of my holdings greatly.  It would have been quite something if they'd used this code to do any big internal moves like their famous 414141 one or whatever it was.


sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1065


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
October 29, 2011, 02:23:55 AM
 #23

If there were a stock feature for "reject a block" and "ignore transaction" and the majority of mining power could be persuaded to use it quickly, this could be reversed. The miners would attempt to replace the lowest rejected block and would refuse to relay or incorporate the thorn transaction.

Too late for this transaction, but this would be the use case if there were one.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
worldinacoin
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
October 29, 2011, 02:24:11 AM
 #24

2-3k of bitcoins is big for us, but I guess nothing to a sizable exchange.
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 02:29:11 AM
 #25

2-3k of bitcoins is big for us, but I guess nothing to a sizable exchange.
It's a week's worth of BTC-only income, apparently. Since they also have USD income, this would be about half of their week income. So it's definitly not nothing.

2112
Legendary
*
Offline Offline

Activity: 2128
Merit: 1038



View Profile
October 29, 2011, 02:36:39 AM
 #26

MagicalTux is a dev of MtGox.
I just wanted to remind everyone in this thread that recently MtGox had acquired bitomat.pl and its development team. Or at least some time of that Polish development team.

So it is conceivable that those 2609.36304319 BTC is the cost of training of someone from that team.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 29, 2011, 02:38:17 AM
 #27

Thought you all might find this chat from our channel useful:

Quote
< genjix> guys, in block 150951 there is 2609.36304319 BTC of irretrievable money: http://privatepaste.com/fba4dd1f44
< genjix> someone fucked up and lost ALOT of money
< joepie91> how come it's irretrievable?
< shockdiode> was just checking that out
< genjix> https://bitcointalk.org/index.php?topic=50206.0
< shockdiode> http://blockexplorer.com/block/0000000000000449ee5b94ba7a051caffff5c23d6a03335f6e20e3985b5ffa61
-!- abstinence [~abstinenc@gateway/tor-sasl/abstinence] has quit [Ping timeout: 248 seconds]
-!- da2ce7 [~da2ce7@gateway/tor-sasl/da2ce7] has joined #bitcoinconsultancy
< necrodearia> genjix, interesting.  In what way is it irretrievable?
< genjix> you cant spend them?
< shockdiode> this seems like a real flaw in the protocol
< shockdiode> those are basically just not getting sent to any address - no address/pubkey in the output
< shockdiode> so it seems it should be designed so that the sender is able to recover those
< genjix> shockdiode: no it isn't
< shockdiode> i know it isn't
< shockdiode> i'm saying it seems like it should be that way to me
< shockdiode> seems like an oversight
< genjix> i disagree though
< shockdiode> oh?
< genjix> someone was using a hacked/custom version of bitcoin
< shockdiode> reasoning? i'm sure you've thought this out much better than i have so am genuinely curious
< genjix> they messed up their output script and lost
< joepie91> shouldn't this have been rejected by the rest of the network as an invalid transaction?
< joepie91> seeing as it doesn't have a recipient
< shockdiode> right that's basically what i'm saying
< genjix> well output scripts are supposed to give you the power to make many different special transactions
< genjix> but it's a sharp knife
< genjix> someone just put their address as 0 in the standard tx type
< genjix> joepie91: no it doesnt fail because it's a perfectly valid tx Smiley
< joepie91> what is the purpose of sending a transaction without a recipient?
< joepie91> why is it?
< genjix> ok do you think they should make programming languages where you cannot have a logic error?
< da2ce7> lol
< da2ce7> genjix you should quickly spend em'
< da2ce7> then give them back to mtgox ;P
-!- abstinence [~abstinenc@gateway/tor-sasl/abstinence] has joined #bitcoinconsultancy
< genjix> Sad
< shockdiode> so basically looks like someone (gox afaik) screwed up on their output scripts...
< joepie91> if there is no purpose for a transaction without recipient, and the only effects it can have appear to be negative effects
< joepie91> then why should it be considered a valid tx?
< genjix> shockdiode: seems so.
< genjix> joepie91: because the scripting facility is a near full fledged programming language where you can do many things but the bitcoin protocol doesn't tell you what you can or cannot do
< genjix> albeit it is largely disabled for security reasons (checksig ddos) but that's the idea.
< shockdiode> hrm... but shoudn't anything with outputs to address 0 be considered invalid?
< joepie91> ^
< joepie91> I know that it CAN be done
< joepie91> but should it be ALLOWED to be done?
< joepie91> I mean, in most languages you cannot multiply a string either
< genjix> there's tons of shit you can do that isnt valid
< genjix> why try to ban it
< joepie91> then why is it not considered invalid?
< genjix> what about if i try to send to 000000000000000000000000001
< joepie91> because that prevents issues like these?
< joepie91> seems like a pretty good reason
< joepie91> to try and implement safeguards/checks against it
< genjix> nope bad idea
< joepie91> why?
< joepie91> why would you NOT implement it?
< genjix> scripting system is supposed to be basic, simple and highly flexible
< genjix> if you want to implement a type safe language on top then go ahead
< joepie91> that does not answer my question
< joepie91> why would you not implement it?
-!- copumpkin [~pumpkin@unaffiliated/pumpkingod] has joined #bitcoinconsultancy
< genjix> bitcoin scripting = assembly language
< joepie91> that still does not answer my question
< genjix> pointless. you cannot protect against every strange thing people want to do
< genjix> it is folly
< joepie91> this is about one of the most obvious mistakes
< joepie91> that can be made
< joepie91> there is all reason to at least implement basic protections against things like these
< joepie91> and no reason not to
< joepie91> your arguments so far come down to "it's the law because it's the law"
< genjix> im totally against adding any restrictions to the scripting language
< joepie91> _why?_
< genjix> no rules
< joepie91> come up with a concrete reason
< genjix> because you start piling on lots and lots of rules to muddy the standard and then somewhere down the line you wonder how you got into this bureaucratic mess
< joepie91> this is more a bureaucratic mess than anything
< joepie91> "it's not like that because it's not supposed to be like that"
< genjix> a good standard is simple and elegant. it's not the job of the standard to try to protect people by implementing safeguards
< genjix> that's the job of the application developer
< joepie91> lolno
< genjix> HTML does not legislate rules to protect web servers
< joepie91> it is the job of the standard if that standard is responsible for collective bookkeeping that affects other users
< joepie91> and not just itself
< genjix> that's the job of the web server software themselves to not have flaws.
< joepie91> implementing a disapproval of miners of transactions without a recipient has ZERO negative consequences
< joepie91> NOT implementing it DOES have consequences
< joepie91> as we can see here
< joepie91> genjix: bad analogy
< genjix> someone misused bitcoin. not our fault.
< shockdiode> eh, well he's got a good point
< joepie91> HTML has zero to do with webservers
< joepie91> whatsoever
< joepie91> HTML is fully client-side interpreted
< shockdiode> it is up to the developer to check their shit
< joepie91> the webserver just sends out data, it doesn't give a shit whether it's XML, HTML, text, or an MP3
< joepie91> shockdiode, the issue here is that the implementation does NOT only affect those that use that specific implementation
< joepie91> but the entire network
< genjix> i dont want people stuffing crap into bitcoin. if gavin wants to implementing scoring for disconnecting nodes, i might not like that but it's ok since i don't have to do it.
< joepie91> also those that do NOT choose to use said implementation
< joepie91> and that is where the problem lies
< genjix> he thinks it makes the network more secure. i disagree
< genjix> but if that was a standard.
< genjix> then fuck me.
< joepie91> genjix: that can have negative consequences
< joepie91> the change I proposed does not
< joepie91> if it does, feel free to point out a concrete negative consequence
< genjix> yes it does have negative consequences.
< genjix> maybe not today.
< joepie91> ok, point it out
< joepie91> point it out
< joepie91> point out a negative consequence
< joepie91> a concrete negative consequence
< genjix> read this article: http://www.aosabook.org/en/bdb.html
< joepie91> that is not an answer to my question
< genjix> take it from someone who has worked on projects with millions and millions of lines of code
< joepie91> I don't care
< joepie91> name. a. concrete. negative. consequence.
< genjix> you don't tack shit on mindlessly *right* now
< joepie91> I value what people say, not who they are
< genjix> it is purely reactionary.
< joepie91> name a concrete negative consequence.
< joepie91> name one.
< genjix> that it is stopping me using the scripting system how *I* want to use it
< joepie91> how is that a negative consequence if you doing so would hurt the network as a whole?
< genjix> there are a near infinite number of different variations of scripts that can cause me to put my bitcoins into a black hole
< genjix> we cannot legislate to protect everybody
< joepie91> sure, and this one is so obvious it would be trivial to protect against it
< genjix> which this essentially is.
< joepie91> it's not a valid argument
< genjix> rules to try to coddle bad developers.
< joepie91> name a negative consequence - and I am talking about negative consequences for the network as a whole, not one individual user
< genjix> or well developers mistakes (we all make mistakes Smiley
< genjix> negative consequences - a hugely muddled and bloated standard
< joepie91> you're avoiding the point and have still not named a negative consequence that affects the network as a whole
< joepie91> that is not a concrete negative consequence
< genjix> yes it is
< joepie91> 'do not accept transactions without a recipient' is one line of text
< joepie91> that's it
< genjix> and 8 lines of code
< joepie91> calling that 'hugely muddled and bloated' is a MASSIVE exxaggeration
< genjix> now add another 100 of those
< joepie91> we are talking about this specific change
< genjix> 1000 lines of code and an extra month of work
< joepie91> not about 100 others
< joepie91> those 100 others only exist on your side of the conversation
< genjix> why are you scriptist?
< joepie91> this discussion is about transactions without a recipient and only about transactions without a recipient
< genjix> all bad scripts are equal
-!- ej_ [~ej@67.224.69.45] has joined #bitcoinconsultancy
 * joepie91 sighs
< genjix> we need to try to stop all of them Smiley
< joepie91> we are talking about ONE SPECIFIC CHANGE right now
< joepie91> not about 235018235601720681203967102936 potential imaginary future changes
< joepie91> name a concrete negative consequence that affects the network as a whole for THAT one specific change
< genjix> poor software
< joepie91> note the keyword concrete
< genjix> you are behaving like people who say X is bad, government needs to ban X
< joepie91> so, we can conclude that there are no concrete negative consequences that affect the network as a whole for that specific change?
< genjix> let people autonomously find their own way to protect against it
< joepie91> so, we can conclude that there are no concrete negative consequences that affect the network as a whole for that specific change?
< genjix> it only affects developers not users (ideally)
< genjix> your words, not mine.
< joepie91> yes or no?
< joepie91> it was a question
< genjix> yea-no.
< joepie91> seriously, stop dancing around it
< joepie91> if you cannot come up with a concrete consequence then just say you can't come up with one
-!- ej__ [~ej@67.224.69.45] has quit [Ping timeout: 244 seconds]
< joepie91> I've been asking you for what? 15 minutes now?
< genjix> miners set policy about what they accept
< joepie91> and you have not been able to give even ONE concrete negative consequence that fits the description I gave
< genjix> there is no rules on what they can put in the blockchain
< joepie91> and yes, you can trail off on another discussion now and try to divert the subject
< joepie91> to not have to admit that you cannot name a negative consequence
< genjix> and the software currently does NO checking of scrpts
< genjix> scripts
< joepie91> but I'm not going to bite into tjhat
< joepie91> that*
< genjix> you want to change ALL of that
< joepie91> are you even reading what I am saying/
< joepie91> ?*
< genjix> reshape the network. have a gigantic overhaul to implement a new standard.
< joepie91> I guess not then.
< genjix> ok.
< joepie91> did you read what I said above?
< genjix> the bad thing is that it compromises network architecture and the very foundation and ideas of bitcoin itself as well as being bureaucratically infeasible and a path towards a complicated and bloated standard (which is not what we want).
< joepie91> .......
< genjix> if i want to write to address 0 in c++ then I can
< genjix> the program doesn't try to stop me.
< genjix> and why should it? it's MY code. i do wateva the f i want
< genjix> bitcoin script IS code
< joepie91> it does not 'compromise network architecture', does not compromise the idea of bitcoin (this is a solely technical limitation, not a usage limitation), I cannot see how it would be bureaucratically infeasible, and 'towards a complicated and bloated standard' is a slippery slope fallacy.
< genjix> yes it does. how do you want to enforce all the miners to accept this new rule?
< joepie91> you don;t
< joepie91> you don't*
< genjix> then how can you make it invalid
< joepie91> did you see me say anywhere <joepie91>at all costs every single miner HAS to adopt this method or be kicked from the network
< joepie91> ?
< joepie91> because I didn't
< genjix> yeah that's how you enforce rules
< joepie91> because if it is a standard and is implemented over time, that will naturally happen
< joepie91> I never said ANYTHING about enforcing rules
< joepie91> anywhere
< joepie91> whatsoever
< genjix> umm bitcoin is a set of rules
< joepie91> every miner for himself can decide whether he wants to accept those transactions or not
< joepie91> with no address
< joepie91> I do not see any issue with that
< genjix> which is what has happened now
< genjix> im cool with that
< joepie91> yet, noone seems to have implemented it
< joepie91> because it isn't put down anywhere
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoinconsultancy
< ThomasV> genjix: it wasn't me!!
< ThomasV> (re: someone fucked up)
< genjix> heh ThomasV
< genjix> ThomasV: you missed the heated discussion Smiley
< ThomasV> what was it ?
< ThomasV> I bet it was about whether miners should accept that
< genjix> yes exactly
< genjix> guess which side i was on
< ThomasV> oh no idea
< genjix> pro-everything goes in script. no checks.
< ThomasV> checks seem to be difficult indeed
< ThomasV> pro-choice
< genjix> yep about a bazillion things you can do to cut yourself
< genjix> not a standards responsibility to protect implementations
< ThomasV> people should have the right to kill their bitcoins
< ThomasV> but hell, why did this guy play with 2600 coins? maybe he believed he was on testnet?
< genjix> no idea. so strange huh
< necrodearia> <joepie91> name a concrete negative consequence. - broken record ftw.  how about naming an abstract, ideal, immaterial or intangible, careless, faulty, inaccurate, lax, vague, counterfeit, false, fictitious, imaginary, legendary, pretended, unreal, diluted, dissolved, melted, opened, thinned, unclotted, liquified, separated, waterproof, loose, slack, flexible, soft, supple, weak, yielding, implicit and/or unclear consequence?
< joepie91> necrodearia, did you just smack me with a dictionary? D:
< necrodearia> no, a thesaurus
< joepie91> close enough
< necrodearia> although, I wasn't smacking you
-!- Mqrius [Mqrius@forecast.student.utwente.nl] has joined #bitcoinconsultancy
< necrodearia> hi Mqrius
< shockdiode> "this guy" was tux...
< genjix> shockdiode: really?
< ThomasV> shockdiode: huh?
< shockdiode> yeah, he said as much in #mtgox
< shockdiode> [18:08] <MagicalTux> that's a problem, but not the worst problem we ever faced
< shockdiode> [18:08] <MagicalTux> all the broken withdraws have been re-issued
< genjix> Shocked
< shockdiode> [18:10] <MagicalTux> just spent one week of BTC-only income
< necrodearia> heh, one week
< OneFixt> his tx had too many inputs
< necrodearia> again, us$100,000+/year profits
< shockdiode> yeah
< genjix> OneFixt: explain?
< shockdiode> [18:14] <MagicalTux> I need to limit the number of inputs in a tx, seems that normal bitcoind don't like a tx with 293 inputs
< OneFixt> ^ that
< ThomasV> this is another blow to mtgox's tech reputation
< genjix> smells like bullshit
< shockdiode> oh yeah?
< genjix> there is no limit on the number of inputs
< shockdiode> intredasting
< shockdiode> wasn't aware of one myself
< genjix> and the maximum number of inputs on his transactions is 4
< OneFixt> isn't it 255?
< genjix> no
< genjix> anyway his max number of inputs was 4
< ThomasV> tux said a few days ago that he's not using bitcoind anymore
< ThomasV> bitcoinj instead
< genjix> damn
< OneFixt> i thought he was using something custom and not bitcoinj
< genjix> why?
< shockdiode> hrm, yeah does seem that max number of inputs was 4
< OneFixt> maybe it shows up as 4 because the other tx wouldn't show up in block explorer?
< genjix> nope
< genjix> i have a custom bitcoin version myself
< genjix> SQL database
< OneFixt> ok, i'd like to see more details on the error in that case
< OneFixt> looks like shockdiode brought it up
< genjix> if anyone wants a dump of the sql database ask me.
< OneFixt> i need to get around to writing one of those
< genjix> libbitcoin.org in case you didnt see it Smiley
< OneFixt> ah, thanks =)
< genjix> anyway it's still pre-alpha
< OneFixt> rally time
< genjix> 01:50 < graingert> just use Python
< genjix> 01:50 < graingert> and get on with your life
< genjix> 01:50 < gmaxwell> I like writing software that actually runs in realtime.
< genjix> laughed hard
 * necrodearia rallies with OneFixt
< OneFixt> hehe
< necrodearia> excitebike world rally, right?
< OneFixt> bitcoinworld rally!
< genjix> sorry guys
< genjix> not going to happen
< OneFixt> you don't like rallies?
< genjix> why would a loss of 2k btc make a difference
< OneFixt> oh, it's unrelated
< genjix> ohh ok
< OneFixt> hehe just looking at my charts
< ThomasV> ping me when it reaches $30
< ThomasV> good night
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Quit: Quitte]
-!- SomeoneWeird [~SomeoneWe@unaffiliated/someoneweird] has quit [Excess Flood]
-!- Guest59589 [~SomeoneWe@unaffiliated/someoneweird] has joined #bitcoinconsultancy
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 02:47:25 AM
 #28

Holy crap, that was a pain to read. I gave up halfway through. I can't believe how patient you are, genjix Smiley

Vladimir
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000


-


View Profile
October 29, 2011, 02:52:14 AM
 #29

Interesting event which gives us all some information.

This event has caused about 0.0346% Bitcoin deflation.

Annual MtGox "BTC only income" can be estimated now as approximately 136 000 BTC or at current exchange rates slightly below 0.5 million USD.

Given 7.55 millions of current bitcoin float it is almost 1.8% of all bitcoins currently in existence.

more commentary on this matter at https://bitcoin.org.uk/forums/topic/402-mtgox-the-largest-bitcoin-exchange-has-revealed-its-income/ .

P.S. Only those who do nothing, do not make mistakes.


-
Gavin Andresen
Legendary
*
Offline Offline

Activity: 1652
Merit: 1069


Chief Scientist


View Profile WWW
October 29, 2011, 02:53:36 AM
 #30

I was just thinking today about resetting the -testnet with new rules to make it more stable/useful...



How often do you get the chance to work on a potentially world-changing project?
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1007


Gerald Davis


View Profile
October 29, 2011, 02:56:14 AM
 #31

All these bitcoins, can they be retrieved or is it "Sayonara" for them?  That's really a lot of money!

Bitcoin is irrevocable.  The coins were sent to nowhere.  They are gone.
julz
Legendary
*
Offline Offline

Activity: 1092
Merit: 1000



View Profile
October 29, 2011, 03:13:25 AM
 #32

Wasn't the idea of destroying bitcoins by spending to a provably non-redeemable address floated somewhere around here before? It was part of one proposed mechanism of migrating value to a new blockchain I think.
It seems to me that scripts such as this (sharp and pointy as they may be) should be allowed.

@electricwings   BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
Littleshop
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000



View Profile WWW
October 29, 2011, 03:50:40 AM
 #33

There is some discussion about having miners reject bad transactions.  Wouldn't that just cause a huge split in the network if only half the people upgraded the client and then that happened?

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1007


Gerald Davis


View Profile
October 29, 2011, 03:53:21 AM
 #34

There is some discussion about having miners reject bad transactions.  Wouldn't that just cause a huge split in the network if only half the people upgraded the client and then that happened?

Client doesn't have anything to do with miners.
Miners already can include or reject any transaction for any reason.

Each miner (or pool) decides which transactions (if any) to include in the block they are hashing.
klaus
Legendary
*
Offline Offline

Activity: 1904
Merit: 1000



View Profile
October 29, 2011, 04:40:39 AM
Last edit: October 29, 2011, 06:22:34 AM by klaus
 #35

// EDIT:

Im not in the irc, so i can not reach MagicalTux

 [18:08] <MagicalTux> all the broken withdraws have been re-issued

for me, thats not true until now.

- can someone reach MagicalTux via irc and link him to this?

// FIXED !

BTCurious helped me out.

my withdraw has been reissued by mtgox !! thank you very much mtgox!

bitmessage:BM-2D9c1oAbkVo96zDhTZ2jV6RXzQ9VG3A6f1​
threema:HXUAMT96
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 05:12:21 AM
Last edit: October 29, 2011, 06:15:11 AM by BTCurious
 #36

- can someone reach MagicalTux via irc and link him to this?
I've contacted him on IRC. He had already sent out a new transaction. It was not yet processed by the blockchain. You could see it pending here: -link removed-

Just now while typing it, it's been included in a block. It should show up in your wallet in a while, as it downloads the newest block.

-link removed-

etotheipi
Legendary
*
Offline Offline

Activity: 1428
Merit: 1046


Core Armory Developer


View Profile WWW
October 29, 2011, 05:15:50 AM
 #37

Well, at least it was someone with a lot of BTC, and not some kid like half the people on this forum, who have devoted the last year to BTC and then lost it all with a buggy script.  The guy running MtGox can probably afford it, at least...

OTOH, he just helped me identify a bug in my code:  it chokes when it receives an OP_0 where it expects to find an address...

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 05:16:51 AM
 #38

OTOH, he just helped me identify a bug in my code:  it chokes when it receives an OP_0 where it expects to find an address...
:')

klaus
Legendary
*
Offline Offline

Activity: 1904
Merit: 1000



View Profile
October 29, 2011, 05:39:57 AM
Last edit: October 29, 2011, 08:10:04 AM by klaus
 #39

@BTCurious

thanks alot for your help !!! i can confirm that. the rest came. happy now.


i want to send you a 5 btc donation for your help.
i did not rewarded, and you did not ask for that.

but for me, a donation to you in this case is just we should treat each other. i have no btc service or something i could give you something back. so i send you btc. even i dont know you.

can i use one of the adresses in your footer? are them btc or a fork?
can you give me a btc adress?

thanks once again.

bitmessage:BM-2D9c1oAbkVo96zDhTZ2jV6RXzQ9VG3A6f1​
threema:HXUAMT96
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 05:43:04 AM
 #40

Cheesy I'm glad everything worked out for you Smiley
They are all BTC addresses, yes, you can pick any one of them.

Thanks a lot for the donation Cheesy I really wasn't expecting that!

klaus
Legendary
*
Offline Offline

Activity: 1904
Merit: 1000



View Profile
October 29, 2011, 06:14:08 AM
Last edit: October 29, 2011, 06:26:06 AM by klaus
 #41

@BTCurious

send to you.

thanks for your help again.

- can you please edit your post, so that my btc adress is no longer open? everything is fine now. no need for the details.

bitmessage:BM-2D9c1oAbkVo96zDhTZ2jV6RXzQ9VG3A6f1​
threema:HXUAMT96
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 06:16:17 AM
 #42

I see the transaction. Thanks a lot!

Links are edited out of my post.
Good luck with your BTC!

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
October 29, 2011, 08:19:42 AM
 #43

And this is the guy whom 90% of Bitcoin users trust their money to...  Roll Eyes

MagicalTux fucks up... AGAIN!  Grin

What will happen when they lose the income of 10 years?  Undecided

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
October 29, 2011, 08:40:36 AM
 #44

And this is the guy whom 90% of Bitcoin users trust their money to...  Roll Eyes

MagicalTux fucks up... AGAIN!  Grin

What will happen when they lose the income of 10 years?  Undecided

at the moment he stands 100% behind the bitcoin.

since the 17.000 Bitomat.pl story i trust mtgox deeply.
nobody asked him to pay the 17k. but he did. because he ownes and earns a lot of btc. and he is obviously looking long term.

so i dont see him running away with my mtgox balance.

It seems he's more close to LOSE the mtgox balance than run away with it.
And for some strange reason people also trusted "Tom Williams" and look what happened... doesn't matter if he was really hacked or if he scammed and run away with the money, people lost their bitcoin in the end.

The road to Hell is paved with good intentions.

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
October 29, 2011, 10:46:23 AM
 #45

The win-win will disappear when the fuck up is so big that it turns into a lose-lose...
What if instead of 2k coins the dude(or code) that sent these coins to no address was moving the 500k coins we all saw MtGox move when the hack happened? Would their reaction be "hey, it's just the bitcoin revenue of 250 weeks, no problem" if that was the case?

Thinking about this stuff gives me the chills.

worldinacoin
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
October 29, 2011, 10:59:43 AM
 #46

Hoping for new exchanges that can dilute the share of bitcoins so that we have many smaller players rather than a dominant player, that would be best for bitcoin.
klaus
Legendary
*
Offline Offline

Activity: 1904
Merit: 1000



View Profile
October 29, 2011, 11:15:59 AM
 #47

@worldinacoin

yes of course. but i dont see somthing like that. tradehill dont come over 5%


i think what will happen is -

bitcoin someone leaving the niche, than the big onlinebrokers start offering bitcointrading next to their stocks/gold etc. than mtgox is the small plattform, tradehill maybie survive far away and the other exchanges decease.

bitmessage:BM-2D9c1oAbkVo96zDhTZ2jV6RXzQ9VG3A6f1​
threema:HXUAMT96
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
October 29, 2011, 11:25:33 AM
 #48

i deleted my post because i cant help you.

you trust a free service a lot of coins, then wondering what happend.

but you dont trust a hard working man fighting agains powerfull enemys (banks) and taking high fees from us for that.

well do what you do, i do what i do.

Wrong answer. I trust myself, and even so I must account for those times when I get high...
I haven't lost anything in mybitcoin and I don't plan on losing anything in any exchange. But others did and will.

Also, I'm not trying to get you to lose your faith on the hard working man charging you high fees. You are free to do whatever you wish, just don't be surprised when you lose Bitcoin in some service.

sturle
Legendary
*
Offline Offline

Activity: 1444
Merit: 1001

https://bitmynt.no


View Profile WWW
October 29, 2011, 11:38:58 AM
 #49

It seems he's more close to LOSE the mtgox balance than run away with it.
Now you are silly.  He lost 2% of his annual BTC revenue.  That's 1% of his total revenue, only that MtGox can not exchange BTC into fiat currency (i.e. trade) themselves.  That would be against regulations in Japan.  Since the stuff which can be bought for BTC is still quite limited, MtGox lost very little of practical value to them.  The users lost nothing.

Who would you rather trust for exchanging bitcoins?  Bitomat (all lost, saved by MtGox)?  Bitcoin7 (most lost, can get some back by revealing all possible details about your self and submitting naked photo)?  Tradehill (endorses spam, reveals your trades to the one who referred you)?

Most of MtGox' coins are in an offline securely stored wallet, as was demonstrated after the crack.  It can't be lost by a simple programming error.

Sjå https://bitmynt.no for veksling av bitcoin mot norske kroner.  Trygt, billig, raskt og enkelt sidan 2010.
I buy with EUR and other currencies at a fair market price when you want to sell.  See http://bitmynt.no/eurprice.pl
Warning: "Bitcoin" XT, Classic, Unlimited and the likes are scams. Don't use them, and don't listen to their shills.
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 29, 2011, 12:19:26 PM
Last edit: October 29, 2011, 12:37:03 PM by genjix
 #50

Who would you rather trust for exchanging bitcoins?  Bitomat (all lost, saved by MtGox)?  Bitcoin7 (most lost, can get some back by revealing all possible details about your self and submitting naked photo)?  Tradehill (endorses spam, reveals your trades to the one who referred you)?

Or Intersango, never been hacked, run by bitcoin developers, been running since March 2011 and contributes back to the community. If you truly want to support the bitcoin world, then support us. We create projects through our group (Bitcoin Consultancy) which we use to fund further development on bitcoin and projects around it.

We were the ones that discovered the CSRF exploit in MtGox and other exchanges. TBH MtGox has a very poor track record when it comes to security, and they don't seem to have learnt from their lessons. We were the ones who had to respond to the media (by contacting them) when they crashed causing reporters to say bitcoin had been hacked and MtGox ignored all calls for a statement from them.

joepie, Diablo and some other people here lost money which MtGox has never paid back as a result of the CSRF exploit. They were also dishonest on multiple occasions, outright lying or covering things up. Even now they are blaming this on the bitcoin network not accepting transactions with inputs more than 255 (if you read the chatlog I pasted on page 2) which is wrong considering that a) there is no limit and b) the max number of inputs in any of their transactions was 4.

We're the only long running exchange that hasn't been compromised (formerly Britcoin) and are based in London with a development team. Our group (Bitcoin Consultancy) is also actively involved in developing other areas of bitcoin, operates other services and is working with merchants. And we charge no fees.

Our about us: https://intersango.com/about-us.php

Security: https://intersango.com/security.php

Fees: https://intersango.com/fees.php

Our development's group website: http://bitcoinconsultancy.com/

We were the ones just at SWIFT's (the messaging network used for international bank transfers) SIBOS conference on the future of banking discussing how bitcoin could be used to improve international transfers.

So we're pretty much heavily invested in bitcoin for the long term. The purpose of our group is to hire people to work full-time on furthering bitcoin. We release many of our project's source code for the community. We're also helping organise the European Bitcoin Conference.

If you appreciate our work, and wish for bitcoin to grow, then use our exchange. In return it allows us to grow our development team to push forwards and create more community projects we can contribute. It's my hope to turn this into a talent base to allow the brightest minds to prosper and develop cool technology- like Google or Apple but for specifically for bitcoin and other cryptocurrencies.


rotrott
Newbie
*
Offline Offline

Activity: 47
Merit: 0



View Profile
October 29, 2011, 12:32:40 PM
 #51

Will someone please answer me a stupid question (I'm sorry as I'm not really proficient in the protocol)?  As I understand it mtgox sent a transaction with an obviously invalid protocol message.  Shouldn't messages like this be rejected by the network?  It seems like a large hole to have open, especially if bitcoin becomes very popular and more people start writing (possibly flawed) code to use it.

Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 29, 2011, 12:34:31 PM
 #52

Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?

No, it's not a flaw. You can read the chatlog I pasted on page 2 for more information why.
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
October 29, 2011, 12:36:54 PM
Last edit: October 29, 2011, 01:07:35 PM by psy
 #53

For adepts of decentralization you guys trust MtGox too much, even after all the times they fucked up... Just don't come crying when you lose your Bitcoin/USD/EUR. Until now they had the money to cover their(and others) losses, but what will happen when the fuck up is so big that they don't have the money?
And take out your donkey goggles, they are doing their job right, just letting you see what's in front of your eyes...

But whatever, people are free to lose their money any way they want. I'm out!

rotrott
Newbie
*
Offline Offline

Activity: 47
Merit: 0



View Profile
October 29, 2011, 01:02:35 PM
 #54

Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?

No, it's not a flaw. You can read the chatlog I pasted on page 2 for more information why.

I read most of the post as it was very long.

For the most part I agree with you (I hate bloat as much as the next guy).  However, most of the examples you quoted were for things like web servers, HTML, (perhaps I'm missing one).  All of these protocols have no consequences for the entire body of people using these protocols.  If a web server in china screws up, it doesn't affect me at all.  If someone screws up with bitcoin and sends 2 million coins into the darkness, that affects us all.  That can only happen so many times before bitcoin is no longer worth anything to anyone in its current form.  It would be nice to be able to run a message through a validator to get some indication of _major_ screw ups.  This would not have to be part of your script language.
k
Sr. Member
****
Offline Offline

Activity: 451
Merit: 250


View Profile
October 29, 2011, 01:14:35 PM
 #55

Wasn't the idea of destroying bitcoins by spending to a provably non-redeemable address floated somewhere around here before? It was part of one proposed mechanism of migrating value to a new blockchain I think.
It seems to me that scripts such as this (sharp and pointy as they may be) should be allowed.


@julz this might have been related to what you are thinking about above:

http://bitcoin.stackexchange.com/questions/924/can-a-bitcoin-be-destroyed
BTCurious
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile
October 29, 2011, 01:26:27 PM
 #56

For the most part I agree with you (I hate bloat as much as the next guy).
As I understand it mtgox sent a transaction with an obviously invalid protocol message.
It's not about bloat, actually. The point is, it was not an invalid protocol message. This was perfectly allowed by the protocol. There is no reason to disallow things that look strange but are valid by the protocol, just because it looks "obviously wrong" to us.


If someone screws up with bitcoin and sends 2 million coins into the darkness, that affects us all.  That can only happen so many times before bitcoin is no longer worth anything to anyone in its current form.
Yes, it does affect us all. In fact, it makes the bitcoin you are holding worth more, not less.

worldinacoin
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500



View Profile
October 29, 2011, 01:30:49 PM
 #57

@worldinacoin

yes of course. but i dont see somthing like that. tradehill dont come over 5%


i think what will happen is -

bitcoin someone leaving the niche, than the big onlinebrokers start offering bitcointrading next to their stocks/gold etc. than mtgox is the small plattform, tradehill maybie survive far away and the other exchanges decease.

It takes time, the pioneer exchanges will normally have a head start, but the latter ones can be more innovative and catch up later on.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1007


Gerald Davis


View Profile
October 29, 2011, 01:32:00 PM
 #58

I read most of the post as it was very long.

For the most part I agree with you (I hate bloat as much as the next guy).  However, most of the examples you quoted were for things like web servers, HTML, (perhaps I'm missing one).  All of these protocols have no consequences for the entire body of people using these protocols.  If a web server in china screws up, it doesn't affect me at all.  If someone screws up with bitcoin and sends 2 million coins into the darkness, that affects us all.  That can only happen so many times before bitcoin is no longer worth anything to anyone in its current form.  It would be nice to be able to run a message through a validator to get some indication of _major_ screw ups.  This would not have to be part of your script language.

What validator?  The exchange was writing their own custom code.  The client wouldn't allow you to make this transaction.  When you are working with raw code that is the risks you take.  

If you are indicating a miner should validate all scripts that quickly becomes very difficult.  The scripting language is very complex and there are many (some not yet even implemented) permutations of possible scripts.  What happens when miners start rejecting scripts that are valid but they think aren't valid and your transactions can't find their way into the blocks.  Lastly someone may decide they want to destroy currency and retain a public record of this.  
rotrott
Newbie
*
Offline Offline

Activity: 47
Merit: 0



View Profile
October 29, 2011, 01:37:49 PM
 #59

I guess I agree with you guys now, although it doesn't feel right hoping for people to screw up so my coins can be worth more...

There is no validator.  I'm saying it would be nice if there was one for people writing their own software.  It might keep them from making mistakes.  "WARNING:  You're sending coins to a zero address.  Are you sure this is what you intended to do?"  I guess they could write their own though...
memvola
Hero Member
*****
Offline Offline

Activity: 938
Merit: 1000


View Profile
October 29, 2011, 01:40:12 PM
 #60

It would be nice to be able to run a message through a validator to get some indication of _major_ screw ups.  This would not have to be part of your script language.

I don't think it's plausible to expect we could prevent screw-ups by blacklisting scripts. What are the chances that the same mistake will be made ever again? Next time it will be some other unforeseen error. And if you use heuristics for filtering, then what if there is a bug in the filter itself? I'm mostly impartial though, just not convinced about the usefulness of adding this particular mistake to the protocol specification. (I guess others wrote the very same reply.)
Steve
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000



View Profile WWW
October 29, 2011, 01:57:11 PM
 #61

I would be against any effort to put additional "spendability" checking into the main client.  The domain of possible transactions that are unspendable would be too large for that to be effective in any general way.  Sure, you could catch this particular form if it ever happened again, but you may as well call that rule the "mtgox screw up #214" rule...and it's highly unlikely that such a rule would ever catch a transaction in the future (because mtgox will have fixed the problem and it's unlikely that anyone else would create an unspendable transaction like this in the future).  With such rules, you are also making assumptions about the creator of the transaction that they didn't want to destroy coins.  You would also be altering what constitutes a valid transaction (and hence effectively changing the language).

If anything, create a toolkit outside the main client that tells you whether a transaction conforms to a handful of explicitly defined transaction types.  This is what mtgox should have had in place in their system (and ideally written by someone other than the person that built the code to produce their transactions).

(gasteve on IRC) Does your website accept cash? https://bitpay.com
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1007


Gerald Davis


View Profile
October 29, 2011, 03:22:36 PM
 #62

If anything, create a toolkit outside the main client that tells you whether a transaction conforms to a handful of explicitly defined transaction types.  This is what mtgox should have had in place in their system (and ideally written by someone other than the person that built the code to produce their transactions).

Exactly.  Current there is very little "high level" support for BTC protocol.  That is easy to understand why since it is young and in flux but just as people don't construct TCP/IP packets by hand or contstruct binary VISA interchange packets by hand in the future nobody will with Bitcoin either.

Eventually high level libraries will emerge (.net, python, php, java, C++, etc) that encapsulate error checking, validation in a higher level, more abstract, and more developer safe manner.

Something like (C# .Net)
Code:
import BitcoinDotNet

BitcoinNetworkStream stream = new BitcoinNetworkStream()

SimpleTransaction t = new SimpleTransaction()
t.Amount = ....
t.Destination = ....
t.Sign(myWallet)

try
{
  stream.SendTransaction(t)
}
catch (InvalidDestinationException e)
{
/// oops we tried to send it somewhere invalid

}

grndzero
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250


View Profile
October 29, 2011, 03:42:40 PM
 #63

Unless he was using a totally nonstandard bitcoin client AND wallet.dat

https://bitcointalk.org/index.php?topic=34028.0

Code:
Delete transactions from your wallet
Under "Delete a key from your wallet:"
Key is the hash of the transaction you want to delete (type "all" to delete them all)
Type: Transaction

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1065


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
October 29, 2011, 03:46:41 PM
 #64

The way I understand it, these transactions were nonstandard enough that normal miners and clients would already refuse to relay or process them (but will accept them in a mined block). And that the only way these got into a block was that he teamed up with Luke-Jr's Eligius mining pool which has been modified to explicitly allow these nonstandard transactions for a fee (or other negotiated arrangement).

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
etotheipi
Legendary
*
Offline Offline

Activity: 1428
Merit: 1046


Core Armory Developer


View Profile WWW
October 29, 2011, 04:16:41 PM
 #65

Keep in mind in this discussion, that once you go outside the scope of isStandard(), there is really no computationally-feasible way to evaluate if a script is "invalid" like this.  Sure, you could've written error-checking to catch the case that you accidentally plugged OP_0 in between OP_HASH160 and OP_EQUALVERIFY... but there's literally an infinity of other ways you could create an invalid transaction that wouldn't be caught by that condition.

How is the client supposed to know that a non-std script is invalid?  Try every possible TxIn-script -- all 256^200 scripts less than 200 bytes?  What if he had a valid script but accidentally plugged in all 20 '0x00' bytes instead of the target hash?  Or accidentally reversed the endian of the target address before signing?  Added or truncated a byte by accident?  Hashed one too many times?   Sure, you can catch some of these if you clutter your codebase with dozens of validation checks... but there's still billions of other feasible ways to create invalid scripts that just cannot be caught no matter if you have a billion checks.

Just as an example:  what if you accidentally reversed the hash of the target address?   The target "address" is actually just a hash of a public-key and no one knows whether there even is a public key that exists to match that address.  the BE and LE version of the same address are completely indistinguishable to someone who doesn't have the public key that created it.  You only know there is a public key when someone actually supplies it to spend the TxOut.  But until that happens, it is literally impossible (without trying all 2^256 private keys) to know whether that TxOut is spendable.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1065


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
October 29, 2011, 04:24:01 PM
 #66

Ultimately these coins are gone. Since more coins have been mined since then, any work to evict the transaction from the blockchain would do more damage to miners.

Imagine this were 500000 BTC and every MtGox user were at risk of a major loss. (which would certainly hit the news and damage the community).

A feature that allowed a miner to vote out a block or a transaction would be valuable. If 50%+ did it, the error would simply vanish. Democracy at work. But it would only work if that 50% voted immediately.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
sturle
Legendary
*
Offline Offline

Activity: 1444
Merit: 1001

https://bitmynt.no


View Profile WWW
October 29, 2011, 06:17:25 PM
 #67

We're the only long running exchange that hasn't been compromised
I don't think Bitcoin Central has been compromised either, or has it?  Free software as well. :-)

Sjå https://bitmynt.no for veksling av bitcoin mot norske kroner.  Trygt, billig, raskt og enkelt sidan 2010.
I buy with EUR and other currencies at a fair market price when you want to sell.  See http://bitmynt.no/eurprice.pl
Warning: "Bitcoin" XT, Classic, Unlimited and the likes are scams. Don't use them, and don't listen to their shills.
Mageant
Legendary
*
Offline Offline

Activity: 1145
Merit: 1001



View Profile WWW
October 29, 2011, 06:32:36 PM
 #68

It's basically the same effect as when somebody loses their wallet. So what are we worried about?
It this happens a lot, then just make Bitcoins more divisible by adding more decimals.

cjgames.com
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
October 29, 2011, 07:34:29 PM
 #69

I'm not sure I'm convinced that these coins are "unspendable".

Wouldn't this just be an extremely-high-difficulty problem to solve?

Anyone wanna guess how many Thash it would take to get an address that hashes to zero?
etotheipi
Legendary
*
Offline Offline

Activity: 1428
Merit: 1046


Core Armory Developer


View Profile WWW
October 29, 2011, 07:38:41 PM
 #70

In order to spend these coins, you have to furnish a public key that, when you apply ripemd160(sha256(pubKey)) is equal to "0x00".  Unfortunately, ripemd160 only produces 20-byte hashes.  Even if you somehow did have a string that produces such an impossible hash, good luck finding the associated private key...

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
October 29, 2011, 07:47:11 PM
 #71

If this is a case of "bad datatype" then rather than just "extremely unlikely success" then it seems like it could be mechanically verified as impossible to complete.  I know there are an infinite number of possible transaction scripts, but they should be able to match parameters to function calls and do basic type checking...

[EDIT] Also, we can still potentially "make democracy work" and void this transaction at any point.  It does require >90% buy-in though (i.e. for everyone to adopt a client with modified rules).  Of course, another "good luck" on getting that to happen without a *REALLY* good reason...
EhVedadoOAnonimato
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500



View Profile
October 29, 2011, 10:18:27 PM
 #72

If this is a case of "bad datatype" then rather than just "extremely unlikely success" then it seems like it could be mechanically verified as impossible to complete.  I know there are an infinite number of possible transaction scripts, but they should be able to match parameters to function calls and do basic type checking...

Somebody said earlier in this thread that it's probably impossible to do such verification in polynomial time.
The protocol obviously cannot rely on heuristics, and a "transaction blacklist" in the protocol is definitely not desirable either. Such kind of things could eventually be done by an external tool through which you could validate your custom scripts, as also said by someone else in this thread. But the only reasonable behavior to the protocol is to accept them all.
ribuck
Donator
Hero Member
*
Offline Offline

Activity: 826
Merit: 1007


View Profile
October 29, 2011, 10:34:47 PM
 #73

But the only reasonable behavior to the protocol is to accept them all.
Agreed.

Any software that blocks (some) unspendable transactions can be applied at the time the transaction is created. There's no reason why someone else (i.e. the miner) needs to do the blocking.
bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322
Merit: 252



View Profile
October 30, 2011, 12:42:33 AM
 #74

Congrats!  Expensive lessons are always the best.

"Let me try to send a ton of money via a non-standard client and see what happens!"

"Shouldn't we try with like, 0.01 BTC?"

"Fuck no!  I'm a programmer!  Let's send the whole wallet!"


Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
October 30, 2011, 12:57:46 AM
 #75

I'm not quite sure I understand where the "polynomial time" came from, although there's a strong whiff of Gödel in that statement.  While I recognize that we cannot prove absolute correctness we can at least do some structural sanity checks, assuming there is an indeterminate number of items of arbitrary type on top of the stack or something.  Heck, Java does a heck of a lot heavier check than this when loading code.  And I don't see how this would change Bitcoin at all, or eliminate any possible "strange scripts" people could come up with.

I don't really understand the "minor is not the gatekeeper of transactions" thingy either.  What prevents double-spend transactions from entering the blockchain?  I'm assuming that anyone can broadcast anything they want almost by definition (i.e. we have to accept that badly-performing clients exist).  Either the miner has to block malicious transactions or we have to ignore malicious transactions that are already in the block chain.  I recognize that misformed scripts are nowhere near "malicious", but the same rules could apply here.  We don't need 100% buy-in by miners either, this doesn't really change Bitcoin, miners already are permitted to accept all or none of the transactions at their discretion.

I realize that I'm entering a very intense firestorm with this opinion and would probably immediately be declared too inexperienced and/or wrong Tongue
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 30, 2011, 01:12:31 AM
 #76

This one change might be 8 lines of code.

100 of these future changes to partially protect the scripting language imperfectly.

An additional 1k lines of code total.

1 month of extra work.

An ambiguous restricted bloated standard that nobody understands. Multiple revisions and re-revisions to re-enable disabled behaviour and odd-corner cases nobody imagined where people need to abuse the scripting language in their own weird way.

Many buggy implementations.

Conclusion: KISS
rotrott
Newbie
*
Offline Offline

Activity: 47
Merit: 0



View Profile
October 30, 2011, 01:35:28 AM
 #77

It would be nice if there was something that let novice bitcoin programmers know if they were doing something (possibly) stupid.  I know, I know, don't hire stupid programmers, but let's step into the real world.  Not everyone is going to be a bitcoin pro from the offset.  There's no need to punish users of a poorly programmed service if we can do something to help these programmers learn...

I understand the level some of you guys are at, but not everyone starts there.
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
October 30, 2011, 01:43:05 AM
Last edit: October 30, 2011, 02:04:45 AM by odysseus654
 #78

It would be nice if there was something that let novice bitcoin programmers know if they were doing something (possibly) stupid.  I know, I know, don't hire stupid programmers, but let's step into the real world.  Not everyone is going to be a bitcoin pro from the offset.  There's no need to punish users of a poorly programmed service if we can do something to help these programmers learn...

Considering how few "strange scripts" there are on blockexplorer (although it's not reporting any more with the huge flood from this one block), I'd say that the moment you start writing your own scripts or not just copy/pasting the two scripts that are used everywhere you are pretty much running without a safety net.
memvola
Hero Member
*****
Offline Offline

Activity: 938
Merit: 1000


View Profile
October 30, 2011, 02:06:56 AM
 #79

It would be nice if there was something that let novice bitcoin programmers know if they were doing something (possibly) stupid.

Testnet?
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 30, 2011, 02:23:35 AM
 #80

i added an explanation to the op. basically OP_0 is defined, but there is no op that pushes a 0 to the stack. Instead it's actually interpreted as push 0 bytes to the stack. See script.h GetOp2
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
October 30, 2011, 09:17:37 AM
Last edit: October 30, 2011, 09:34:08 AM by odysseus654
 #81

i added an explanation to the op. basically OP_0 is defined, but there is no op that pushes a 0 to the stack. Instead it's actually interpreted as push 0 bytes to the stack. See script.h GetOp2

I hope I'm not over-posting here, but as long as you're trying to clarify things.  BlockExplorer currently describes this as "OP_DUP OP_HASH160 0 OP_EQUALVERIFY OP_CHECKSIG".

With your explanation here, (assuming the "0" is "OP_0") the "0" sounds like it might be a bit... confusing.

Also, with OP_0 being an effective no-op (rather than push-zero), the datatype checking method I was mentioning prob wouldn't have done anything useful here (I doubt you're much surprised).  I'm also marking this back down from "structurally impossible" to "very improbable", there *may* be a path to claim, but it wouldn't be worth the effort to discover.
Vladimir
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000


-


View Profile
October 30, 2011, 05:09:46 PM
Last edit: October 30, 2011, 10:36:30 PM by Vladimir
 #82

enjoy using custom clients   Grin

also do this every single day  Grin Grin Grin

There is a good reason why I use old versions of bitcoind (and GUI client). I just let you all test it for half a year or so... than it seems like a good and well tested software for me.  Wink





-
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3948
Merit: 7961


View Profile
October 30, 2011, 08:00:39 PM
 #83

BlockExplorer currently describes this as "OP_DUP OP_HASH160 0 OP_EQUALVERIFY OP_CHECKSIG".

These abstract script descriptions are produced by Bitcoin's CScript.ToString(). It's a Bitcoin bug if they are incorrect.

It looks like OP_0 was intended to push a numerical 0. It's probably a bug if it doesn't push anything. (The script in this case is broken either way, though.)

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Hawkix
Hero Member
*****
Offline Offline

Activity: 531
Merit: 505



View Profile WWW
October 30, 2011, 08:11:25 PM
 #84

So, MtGox finally GOXXXED himself? I am not surprised at all.

Donations: 1Hawkix7GHym6SM98ii5vSHHShA3FUgpV6
http://btcportal.net/ - All about Bitcoin - coming soon!
ThiagoCMC
Legendary
*
Offline Offline

Activity: 1204
Merit: 1000

฿itcoin: Currency of Resistance!


View Profile
October 30, 2011, 08:12:53 PM
 #85

I was just thinking today about resetting the -testnet with new rules to make it more stable/useful...




+1
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
October 31, 2011, 12:35:57 AM
 #86

BlockExplorer currently describes this as "OP_DUP OP_HASH160 0 OP_EQUALVERIFY OP_CHECKSIG".

These abstract script descriptions are produced by Bitcoin's CScript.ToString(). It's a Bitcoin bug if they are incorrect.

It looks like OP_0 was intended to push a numerical 0. It's probably a bug if it doesn't push anything. (The script in this case is broken either way, though.)

The descriptions of the opcodes also describe this as a push-zero (alias OP_FALSE) rather than push-nothing (there are already 11 NOP opcodes, why do we need another?)

This script appears to me to be potentially solvable if OP_0 is a NOP, unsolvable otherwise.  However it does feel to me like interpreting it as push-zero makes a lot more sense.

I do recognize that this opcode is unlikely to have been used anywhere, but any use of it (or any successful claim of these coins) would make it impossible to make some kind of change here without causing a netsplit.

I recognize that I've probably gone badly off-topic with respect to this topic title now...
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
October 31, 2011, 01:16:08 AM
 #87

OP_FALSE is referenced nowhere and OP_0 only exists in GetOpName(...)

GetOp2 reads the opcode and then if it's less than PUSHDATA4, will branch to the push data stack part, and then on line 538 if (opcode < OP_PUSHDATA1) nSize will be set to 0.

EvalScript also interprets it as a push n bytes to the stack in the if ( ... && 0 <= opcode ...) after the previous first block of if (opcode ==  ...).
finway
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
October 31, 2011, 02:20:01 AM
 #88

Thanks for the contribution (destroy ). Grin

greyhawk
Hero Member
*****
Offline Offline

Activity: 924
Merit: 1000


View Profile
October 31, 2011, 02:29:22 AM
 #89

It would be nice if there was something that let novice bitcoin programmers know if they were doing something (possibly) stupid.  I know, I know, don't hire stupid programmers, but let's step into the real world.  Not everyone is going to be a bitcoin pro from the offset.  There's no need to punish users of a poorly programmed service if we can do something to help these programmers learn...

I understand the level some of you guys are at, but not everyone starts there.

That is why you do test runs of your scripts/programs before releasing them into the wild. This is something several "exchanges" have now failed to do correctly and in turn got punished for it.
phillipsjk
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000

Let the chips fall where they may.


View Profile WWW
October 31, 2011, 06:04:41 AM
Last edit: October 31, 2011, 07:16:42 AM by phillipsjk
 #90

There is some discussion about having miners reject bad transactions.  Wouldn't that just cause a huge split in the network if only half the people upgraded the client and then that happened?

Client doesn't have anything to do with miners.
Miners already can include or reject any transaction for any reason.

Each miner (or pool) decides which transactions (if any) to include in the block they are hashing.

You two are talking about two different things. Miners are allowed to exclude any transactions they want, but they all have to agree on which transactions are valid.

Currently, most miners reject most turing-complete strange scripts, but still accept the full set of op-codes as valid. This is important because each miner must verify the validity or every transaction in the block-chain. For example a rogue miner generating a block with a 100BTC coin creation transaction will be ignored by the honest nodes.

TL:DR: Even if we wanted to prohibit coin destruction (I did not know it was unambiguously possible), it would create a split in the block-chain.

PS: I am still of the opinion that the protocol is essentially untouchable at least until the block-reward drops. What part of "experimental currency" don't people understand? We have to expect a few "flaws". Those flaws will be easier to interpret if we don't monkey with the experiment.

Edit: All Turing-complete scripts must be invalid. Else all miners would stall on the first endless loop included in the block-chain. Currently, "strange" transactions are transactions other than: tranferring a coin from one (set of) address to another, and coin creation.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
matonis
Sr. Member
****
Offline Offline

Activity: 303
Merit: 250



View Profile WWW
October 31, 2011, 07:35:35 AM
 #91

Thanks for the excellent insight on this, genjix. Deflation through attrition.

Founding Director, Bitcoin Foundation
I also cover the bitcoin economy for Forbes, American Banker, PaymentsSource, and CoinDesk.
ribuck
Donator
Hero Member
*
Offline Offline

Activity: 826
Merit: 1007


View Profile
October 31, 2011, 09:53:24 AM
 #92

All Turing-complete scripts must be invalid...
Bitcoin scripts do not form a turing complete language (there's no loop or "goto"), so the question doesn't arise.

[edit: this was a deliberate design decision by Satoshi]
odysseus654
Newbie
*
Offline Offline

Activity: 44
Merit: 0


View Profile
November 01, 2011, 04:12:04 AM
 #93

Also, (reading the same webpage I saw the OP_FALSE on) I do see that a number of commands were disabled "for security reasons", so there already are plenty of eyes ensuring that malicious scripts can't crash the blockchain.  The disabled commands are described as: 4 commands to split or combine strings, 4 bitwise operations, and 7 commands that multiply or divide numbers.
genjix
Legendary
*
Offline Offline

Activity: 1232
Merit: 1000


View Profile
November 01, 2011, 09:30:05 AM
 #94

Also, (reading the same webpage I saw the OP_FALSE on) I do see that a number of commands were disabled "for security reasons", so there already are plenty of eyes ensuring that malicious scripts can't crash the blockchain.  The disabled commands are described as: 4 commands to split or combine strings, 4 bitwise operations, and 7 commands that multiply or divide numbers.

There's a Solver in the code that matches transactions to only 2 allowed templates/formats. Without passing this template, transactions cannot make it into the memory pool and don't get propagated.

If you wish to make a new tx type you have to lobby for it to be included in the list of templates.
molecular
Donator
Legendary
*
Offline Offline

Activity: 2744
Merit: 1016



View Profile
November 01, 2011, 01:25:49 PM
 #95

Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?

No, it's not a flaw. You can read the chatlog I pasted on page 2 for more information why.

Must've been quite exhausting to keep arguing for such a long time with the guy that just seemed to refuse to even consider your viewpoint. I really admire your patience there, genjix.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
molecular
Donator
Legendary
*
Offline Offline

Activity: 2744
Merit: 1016



View Profile
November 01, 2011, 01:36:07 PM
 #96

Ultimately these coins are gone. Since more coins have been mined since then, any work to evict the transaction from the blockchain would do more damage to miners.

Imagine this were 500000 BTC and every MtGox user were at risk of a major loss. (which would certainly hit the news and damage the community).

A feature that allowed a miner to vote out a block or a transaction would be valuable. If 50%+ did it, the error would simply vanish. Democracy at work. But it would only work if that 50% voted immediately.

It's highly improbably that 50% would be able to evaluate the matter at hand and make that decision within the timeframe that allows to "undo" this without too much damage (blocks mined after questionable block).

So people might come up with the idea of proxying this decision-making. This might put the decision-making into too few hands, of course, and all the decentralization is down the drain.

I don't think this is a good idea, therefore.

Maybe MagicalTux should try to get some insurance against fuckups like this. Might be expensive and put a lot of hassle on him by ways of auditor wanting to see all code pre-production Wink

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
Fluttershy
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


View Profile
November 05, 2011, 10:34:00 PM
 #97

Thanks for the excellent insight on this, genjix. Deflation through attrition.
Only thing is since you posted, the market's gone back down to nearly what it was before the incident.

casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1065


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
November 05, 2011, 11:11:12 PM
 #98

...
So people might come up with the idea of proxying this decision-making. This might put the decision-making into too few hands, of course, and all the decentralization is down the drain.

I don't think this is a good idea, therefore.
...

In a way, this has already happened.  Surely the three (or so) largest pools already constitute exactly what you have described.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
molecular
Donator
Legendary
*
Offline Offline

Activity: 2744
Merit: 1016



View Profile
November 07, 2011, 02:13:33 AM
 #99

...
So people might come up with the idea of proxying this decision-making. This might put the decision-making into too few hands, of course, and all the decentralization is down the drain.

I don't think this is a good idea, therefore.
...

In a way, this has already happened.  Surely the three (or so) largest pools already constitute exactly what you have described.

True. I think this is not a good situation.

I've seen in other threads that some people think mining in a bigger pool is more profitable. Pretty sad... there's so many small pools that'd deserve to become medium-sized.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
chickenado
Hero Member
*****
Offline Offline

Activity: 1036
Merit: 500



View Profile
December 14, 2011, 04:10:01 PM
 #100


Maybe MagicalTux should try to get some insurance against fuckups like this. Might be expensive and put a lot of hassle on him by ways of auditor wanting to see all code pre-production Wink


500k BTC are uninsurable, because it is practically impossible to replace them once lost.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1007


Gerald Davis


View Profile
December 14, 2011, 04:22:25 PM
 #101


Maybe MagicalTux should try to get some insurance against fuckups like this. Might be expensive and put a lot of hassle on him by ways of auditor wanting to see all code pre-production Wink


500k BTC are uninsurable, because it is practically impossible to replace them once lost.

Irreplaceable items are insured all the time.  Artwork, pro-athletes legs, one of kind diamonds, etc.

The larger issue w/ insuring Bitcoin losses would be the inability to verify they really are lost.  Not so much in this case but if coins were sent to a wrong but valid address w/ no private key (or wallet/backups were corrupt, lost, etc) it is impossible to verify the coins are really lost.
tvbcof
Legendary
*
Offline Offline

Activity: 3388
Merit: 1160


View Profile
December 14, 2011, 07:15:20 PM
 #102


Maybe MagicalTux should try to get some insurance against fuckups like this. Might be expensive and put a lot of hassle on him by ways of auditor wanting to see all code pre-production Wink


500k BTC are uninsurable, because it is practically impossible to replace them once lost.

Really?  It seems just the opposite to me.  BTC are completely fungible.  The insurer would simply needs to buy them in...or mine them.  It would only be impossible to insure, say, 22x10^6 BTC.

It might be quite expensive to insure high quantities since the actuaries would need to consider the cost of buying them in.  I, for instance, can be shaken from my position by an offer which in excess of 'parity'.  'parity' to me is roughly 1kg of gold per BTC which makes the math easier Smiley


sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
Bugpowder
Sr. Member
****
Offline Offline

Activity: 394
Merit: 250


View Profile
February 28, 2014, 09:34:09 PM
 #103

In light of recent developments at Mt. Gox, this thread is worth a revisit.  How many more coins were lost this way?

Maybe this helps.
It seems MtGox made a mistake somewhere.
Quote
<MagicalTux> that's a problem, but not the worst problem we ever faced
<MagicalTux> all the broken withdraws have been re-issued
<MagicalTux> just spent one week of BTC-only income
MagicalTux is a dev of MtGox.
practicaldreamer
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500


View Profile
February 28, 2014, 11:01:05 PM
 #104

In light of recent developments at Mt. Gox, this thread is worth a revisit.  How many more coins were lost this way?


Yes - thanks for digging this one out and sharing - it makes very interesting reading, especially, of course, in the light of what has happened in the last couple of weeks.

I didn't grasp the finities of the coding issues (not my field  Wink Cheesy etc) though I believe I did get the gist - but FWIW I've got to agree with one of the later posts that was made around 2.5 years back now :-



Maybe MagicalTux should try to get some insurance against fuckups like this. Might be expensive and put a lot of hassle on him by ways of auditor wanting to see all code pre-production Wink



Bitcoinpro
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000



View Profile
November 12, 2014, 04:00:16 AM
 #105

In light of recent developments at Mt. Gox, this thread is worth a revisit.  How many more coins were lost this way?


Yes - thanks for digging this one out and sharing - it makes very interesting reading, especially, of course, in the light of what has happened in the last couple of weeks.

I didn't grasp the finities of the coding issues (not my field  Wink Cheesy etc) though I believe I did get the gist - but FWIW I've got to agree with one of the later posts that was made around 2.5 years back now :-



Maybe MagicalTux should try to get some insurance against fuckups like this. Might be expensive and put a lot of hassle on him by ways of auditor wanting to see all code pre-production Wink


is the whole bitcoin thing just a long con? The legal system needs to get a lot more responsive as many  of the 10billion world population will deduce that fucking people over and steeling their money is fine...right now the good guys have to do something as these criminals seem to think they can hide behind lawyers and Magic it all away.

I lost money on Gox and quite a lot regarding bitcoin is full of fraud and the public need protecting .

Let's see Gox 2.0 with full reconstituted creditors who are not anonymous.

This post thread seems to justify the whole long con mirage of cryptographic digital currency .




Most jobs are obsolete already, that's where the con is,

WWW.FACEBOOK.COM

CRYPTOCURRENCY CENTRAL BANK

LTC: LP7bcFENVL9vdmUVea1M6FMyjSmUfsMVYf
Pages: 1 2 3 4 5 6 [All]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!