ICBIT Derivatives Market (USD/BTC futures trading) - LIVE

[Fireball]

It's sad that Mircea Popescu decided to jump into false accusations. I wrote a response in his thread, and I would like to thank you guys very much for non-biased analysis of the recent events.

I'm always quickly responding to all questions here, so if there are some doubts, issues - just drop me an email for private discussion, or ask here if you don't mind public discussion.

[1714234038]

1714234038

[1714234038]

1714234038

[MPOE-PR]

It's sad that Mircea Popescu decided to jump into false accusations.

That's so last summer...

Aug 28 16:05:05 <nefario>   well you're making some pretty serious claims
Aug 28 16:05:11 <nefario>   on that page
Aug 28 16:05:17 <nefario>   unless youre privy to information Im not
Aug 28 16:05:25 <nefario>   on GLBSE accounts getting hacked
Aug 28 16:05:34 <nefario>   so
Aug 28 16:05:39 <nefario>   suck it
Aug 28 16:05:40 <nefario>   and
Aug 28 16:05:40 <mircea_popescu>   so go correct it.
Aug 28 16:05:41 <nefario>   gnight
Aug 28 16:05:52 <mircea_popescu>   whenever, when you wake up.
Aug 28 16:05:58 <Luceo>   What page?
Aug 28 16:06:25 <assbot>   [GLBSE] [MERGEDMINING] 1 @ 0.0801 BTC [-]
Aug 28 16:06:33 <nefario>   mircea_popescu: make up some security vulnerabilites and compromises about GLBSE
Aug 28 16:06:38 <nefario>   posted it on his porn site
Aug 28 16:06:45 <nefario>   says "it's legit"
Aug 28 16:06:51 <nefario>   and
Aug 28 16:06:52 <mircea_popescu>   Luceo http://polimedia.us/trilema/2012/security-comparison-of-bitcoin-denominated-instruments-exchanges/
Aug 28 16:06:59 <nefario>   "prove me wrong"
Aug 28 16:07:03 <mircea_popescu>   nefario learn to quote srsly.
Aug 28 16:07:17 <nefario>   mircea_popescu: learn to paraphrase
Aug 28 16:07:34 <nefario>   he's making claims with no evidence
Aug 28 16:07:35 <mircea_popescu>   no see, it's bad to paraphrase when you're part to a dispute.
Aug 28 16:07:45 <nefario>   and convieniently ignoring the shit on his own doorstep
Aug 28 16:08:01 <mircea_popescu>   what shit is that dood ? "copyrighted material" ?
Aug 28 16:08:14 <mircea_popescu>   i've had about half dozen fraudulent or otherwise baseless dmca notices in the past 5 years
Aug 28 16:08:17 <mircea_popescu>   i disputed all of them
Aug 28 16:08:20 <nefario>   that goes in the legal risks
Aug 28 16:08:23 <mircea_popescu>   other party never responded to the dispute filing.
Aug 28 16:08:24 <nefario>   also
Aug 28 16:08:27 <mircea_popescu>   dun dun dun.
Aug 28 16:08:33 <nefario>   I live in manchester
Aug 28 16:08:35 <nefario>   UK
Aug 28 16:08:41 <mircea_popescu>   im eagerly awaiting on the next half dozen batch.
Aug 28 16:08:49 <assbot>   [GLBSE] [FPGAMINING] 6 @ 0.90999 = 5.4599 BTC [-]
Aug 28 16:08:57 <mircea_popescu>   o, you're in the uk ? so say so (there!) so people know better. why is this so hard ?
Aug 28 16:08:57 <nefario>   I pointed several out yesterday
Aug 28 16:09:08 <nefario>   your retort was: then post it on my site"
Aug 28 16:09:22 <nefario>   I'm in China
Aug 28 16:09:25 <nefario>   on holiday
Aug 28 16:09:32 <nefario>   ending soon
Aug 28 16:09:37 <assbot>   [GLBSE] [YABMC] 9 @ 0.1348 = 1.2132 BTC [-]
Aug 28 16:09:39 <assbot>   [GLBSE] [YABMC] 26 @ 0.1349 = 3.5074 BTC

Aug 28 16:09:40 <assbot>   [GLBSE] [YABMC] 146 @ 0.135 = 19.71 BTC

Aug 28 16:09:41 <nefario>   I've been living in the UK for nearly a year
Aug 28 16:09:42 <assbot>   [GLBSE] [YABMC] 10 @ 0.135 = 1.35 BTC

Aug 28 16:09:42 <mircea_popescu>   ok.
Aug 28 16:09:46 <nefario>   not a secret
Aug 28 16:10:04 <mircea_popescu>   weren't you saying you work there at some point ?
Aug 28 16:10:13 <nefario>   work where?
Aug 28 16:10:21 <mircea_popescu>   in china.
Aug 28 16:10:26 <mircea_popescu>   weren't you teaching or w/e ?
Aug 28 16:10:37 <nefario>   ja
Aug 28 16:10:39 <nefario>   a year ago
Aug 28 16:11:53 <Luceo>   nefario: Make a rebuttal then if its FUD

[Fireball]

This MPOE-PR spammer is quite obsessive. I reported to the moderator once again.

I tried speaking directly to Mircea Popescu on #bitcoin-assets, to address the false accusations he expressed, however he doesn't understand basic financial stuff:

[xx:20] <_Fireball> contracts are NOT settled a 20:00 GMT
[xx:20] <_Fireball> is that clear now?
[xx:20] <@assbot> [MPEX] [S.BVPS] 1200 @ 0.00280004 = 3.36 BTC [-]
[xx:20] <_Fireball> you can check your own logs
[xx:20] <_Fireball> you can confirm and verify
[xx:21] <mircea_popescu> listen. is there some event occuring on your site every day at 20:00 ?
[xx:21] <_Fireball> settlement day is 15.12.2012
[xx:21] <_Fireball> yes, it's called clearing, it's a technical event
[xx:21] <mircea_popescu> yes yes. you settle daily inasmuch as you keep moving margins around.
[xx:21] <smickles> heh, mircea_popescu technically settlement is jargon
[xx:21] <smickles> it has specific meaning
[xx:21] <mircea_popescu> ignoring the fact you've got your terminology borkt.
[xx:22] <_Fireball> http://en.wikipedia.org/wiki/Clearing_(finance)
[xx:22] <_Fireball> vs
[xx:22] <_Fireball> http://en.wikipedia.org/wiki/Settlement_(finance)
[xx:22] <smickles> anyway, _Fireball so you suspect connection failure when I still saw the live depth updating?
[xx:23] <mircea_popescu> dear old wikipedia.

I will leave the question of how did he managed to create his own Options Exchange when lacking such a basic knowledge to the readers.

Quickly searching through forums reveals info about him: https://bitcointalk.org/index.php?topic=102333.0

[picobit]

Nothing exciting happened tonight...  Boooring

[Fireball]

Nothing exciting happened tonight...  Boooring

:-)

A bunch of updates coming pretty soon, the most tasty being depth of the market chart and Google Auth protection for withdrawals.

[picobit]

A bunch of updates coming pretty soon, the most tasty being depth of the market chart and Google Auth protection for withdrawals.

The first is good news.  The second is really good news!

[guruvan]

Fireball: Randomizing the clearing time to a 5,10,15min window would be a very good thing
(also, is a scroll bar on the orderbook so challenging? I can't believe this is still not fixed yet....it's just not that complex to solve IMO, but it IS having an major effect on traders - please don't wait for additional updates. It's always better to push updates to live with fewer changes than updates with More changes 

MPOE-PR - I gotta wonder....did MP get squeezed out? I had some suspicion that MP was one of the larger hands trading at ICBit once GLBSE shutdown. I also note that MP has a history of establishing risky short positions (i.e. his synthetic pirate pass through).

Do I trust Fireball? Nope. But I don't get the sense that he's the market manipulator.

Do I trust Mircea? Not anymore than fireball. I have not more "proof" of MP's identity than I do of Fireball's, really, and definitely have no more or less recourse in either case against a nefarious exchange operator.

In the end, though, I gotta trade somewhere. So, I trade where the exchange operators seem to be as honest as possible, and as communicative as possible.

The one thing I find most disturbing about accusations, is that most humans seem to accuse others of those faults, flaws, and outright criminal behavior, that they themselves are guilty of. MPOE-PR, you post about pretty much every other trading related site, in a negative way. I'm starting to wonder how many of your accusations are based in MP's own behavior (and not that of the competing exchange being accused). That notwithstanding, MP's opinion on other exchanges has been pretty well-founded, and predictions of doom have oft been correct. So...................

TBH, I'm getting a little nervous. One of these leverage platforms are going to crash & burn. ICBit? MPEx/MPOE? Bitfinex? I'd like to be completely out before it does this time, dammit.

[MPOE-PR]

MPOE-PR - I gotta wonder....did MP get squeezed out?

Nope. They did try (pushing it down as low as 9.5ish), but failed and eventually seem to have given up.

I had some suspicion that MP was one of the larger hands trading at ICBit once GLBSE shutdown.

This was the first time he ever traded there. Pretty sure it's also the last (for the noted reasons).

I also note that MP has a history of establishing risky short positions

This was/is a long position in any case.

and definitely have no more or less recourse in either case against a nefarious exchange operator.

At the very minimum you get MPEx signed receipts, so you can clearly prove what happens, rather than the situation here where the site does something, then the operator comes and brazenly claims that it didn't. Of particular note:

Nov 17 19:52:16 <_Fireball>   we don't *guarantee* that your ISP maintains perfect connection to the website
Nov 17 19:52:20 <mircea_popescu>   it's not the isp.

[...]

Nov 17 20:22:37 <smickles>   anyway, _Fireball so you suspect connection failure when I still saw the live depth updating?
Nov 17 20:23:43 <_Fireball>   smickles, that sometimes happens, I'm going to investigate the reasons, but ften it's just connection failure

This is barely a step removed from South-East Asian call center support "please reboot your computer" sort of three ring binder talking points bs.

The one thing I find most disturbing about accusations, is that most humans seem to accuse others of those faults, flaws, and outright criminal behavior, that they themselves are guilty of. MPOE-PR, you post about pretty much every other trading related site, in a negative way. I'm starting to wonder how many of your accusations are based in MP's own behavior (and not that of the competing exchange being accused). That notwithstanding, MP's opinion on other exchanges has been pretty well-founded, and predictions of doom have oft been correct. So...................

You know, we aren't the same person. MP is a boy. I am a girl. MP is a business type. I am mostly a writer. On it goes.

What would you practically have me do? After people lost money by being idiots and ignoring the obvious points (ie, for instance, that unlike MPEx GLBSE was quite going to screw the issuers exactly the way it did in the end) people didn't draw the conclusion that "we were idiots and should have listened to MPOE-PR" except in the minority. In the majority they became convinced that "Bitcoin finance doesn't work".

We're committed to making BTC finance work. It may be a larger task than anyone anticipates, it may even be impossible to do, though we don't think so. This attitude whereby one just sits idly by while people think that "they have to trade somewhere" and so they trade with Bitcoinica (which, incidentally, it turns out MP knew was going to fail, for the exact reasons that it did; he discussed this privately with people who actually have money, and I never said anything publicly) and then trade with some ridiculous proposition where some anonymous "Raphael" re-uses that provedly-broken code without even bothering to secure permission, and then they trade with bucket shops like this and on and on, and then they lose on "everything they tried" (cause obviously they only try the things made to be "easy", cause obviously they can't be arsed to use the things made to work because bla bla) and so conclude that "oh, you can't invest in Bitcoins" has to be countered by something.

Yes, we seem to be some of the very few who happen to give two shits. This is easily explained: we do in fact have a vested interest in making BTC finance work. That's fine. But I'd like to revisit a point from an otherwise amply ignored article, just like everything else sensible is ignored around here in favor of hollow groupthink bullshit:

When a small majority* of participants behave irresponsibly however the net result is not just pain to their own fortunes, but pain spread across the board. All of a sudden you have to be very intelligent, and very experienced, and very well informed to manage to keep your money safe, and often enough even that's not going to suffice.

You vote with your BTC. This point has to be understood very, very clearly. If you give your BTC away to scams "because it's easy" instead of investing in sites that actually work you are creating the very environment of perpetual scams, economical and financial irrelevance and ultimately failure.

Having Bitcoins first and foremost means you're responsible for them.

[picobit]

You vote with your BTC. This point has to be understood very, very clearly. If you give your BTC away to scams "because it's easy" instead of investing in sites that actually work you are creating the very environment of perpetual scams, economical and financial irrelevance and ultimately failure.

Having Bitcoins first and foremost means you're responsible for them.

Well said!

That doesn't mean that I agree with the rest of what you have been saying, but it is indeed true that scammers are having it too easy in bitcoin land.

[killerstorm]

Nope. They did try (pushing it down as low as 9.5ish), but failed and eventually seem to have given up.

Which means that MP got some good profit out of this. And now he's complaining?

This was the first time he ever traded there. Pretty sure it's also the last (for the noted reasons).

Yeah, I, too, hate it when I have profit.

This was/is a long position in any case.

Or so you say...

At the very minimum you get MPEx signed receipts, so you can clearly prove what happens, rather than the situation here where the site does something,

Ehm... Suppose there is a connection problem and you DIDN'T get a signed receipt.

Now what, can you prove that you HAVEN'T got it? You don't even know whether server registered your trade or not.

Do you know a story about Byzantine Generals? Look it up.

BTW trade via colored coins will be Byzantine fault tolerant in some way (due to use of Bitcoin protocol which is Byzantine fault tolerant), while simplistic HTTP-based trade won't be, ever. (Not that it matters that much, but it's nice.)

[MPOE-PR]

Which means that MP got some good profit out of this. And now he's complaining?

Yes.

Yeah, I, too, hate it when I have profit.

Unlike you (apparently), MP has a moral compass.

[killerstorm]

Unlike you (apparently), MP has a moral compass.

Oh, I see. So punishing "the manipulator" OR scammy exchange operator is against MP's moral. I knew it.

Maybe I'm missing something, but to prove his point MP just needs to up the ante. If ICBIT is a bucket shop it would be out of business (or MP will be out of his money, hehe).

Or did you mean that MP is a pussy who cannot put money where his mouth is, and that is his moral compass?

Girl, please stop trying painting MP as a saint. He got some evidence against ICBIT, we get that. Pushing it further just doesn't look good. You don't seem to understand all intricacies of the business, and cheap propaganda just doesn't work.

[MPOE-PR]

Maybe I'm missing something, but to prove his point MP just needs to up the ante. If ICBIT is a bucket shop it would be out of business (or MP will be out of his money, hehe).

So basically, here's a bucket shop working suckers out of a few bitcoins a day. MP comes by, risks a few hundred BTC of his own money, establishes some points. Your retort is that "he's a pussy" because he's not dumping more money into the scam.

Are you in any way involved?

[killerstorm]

So basically, here's a bucket shop working suckers out of a few bitcoins a day. MP comes by, risks a few hundred BTC of his own money, establishes some points.

Evidence he collected so far isn't enough, IMHO.

Your retort is that "he's a pussy" because he's not dumping more money into the scam.

Well, if he wants to continue with accusations, he probably needs to dump more money.

But I was commenting on your "moral compass" comment. Clearly it is not about moral compass, it is about risk. You just didn't know how it works, did you?

Are you in any way involved?

Well, I have ~4 BTC balance on ICBIT now. Also I discussed futures exchanges with Fireball is summer of 2011. That's all.

[rini17]

At the very minimum you get MPEx signed receipts, so you can clearly prove what happens, rather than the situation here where the site does something,

Ehm... Suppose there is a connection problem and you DIDN'T get a signed receipt.

Now what, can you prove that you HAVEN'T got it? You don't even know whether server registered your trade or not.

Do you know a story about Byzantine Generals? Look it up.

BTW trade via colored coins will be Byzantine fault tolerant in some way (due to use of Bitcoin protocol which is Byzantine fault tolerant), while simplistic HTTP-based trade won't be, ever. (Not that it matters that much, but it's nice.)

You miss the point. The Byzantine generals situation would be akin to completely cut. communication, no technology will help here. And colored coins are still vulnerable to doublespend attacks if not done properly. GPG has years of development and fixes behind it and allows for immediate verification without waiting for blochchain confirmations.

In case of MPEx, you are supposed to issue STAT call to verify your order whereabouts, you get signed response for that as well. Alternatively, all orders are shown in public market depth data and all trades go to twitter.. So this problem is practically solved,  you do have tools to get the information beyond doubt. It will be better to ask such transparency from other exchanges instead of waiting for some colored coins wonder that will supposedly solve all problems.  

[MPOE-PR]

Ehm... Suppose there is a connection problem and you DIDN'T get a signed receipt.

Well, since we're discussing this: your computer sends a SYN. The MPEx server goes SYN-ACK. Your computer goes ACK. The TCP connection is not established. Your computer goes POST. The MPEx server responds to that POST. Your failure scenario was that somehow right after the POST but right before the response completion the connection drops. This scenario is possible in theory, but not quite comparable with the general "oh maybe the connection failed we'll investigate" alternative.

Moreover, your transaction will still show either in the book (which MPEx publishes) or in the trade stream (which MPEx also publishes). Alternatively, if the connection failed before that magic moment, the transaction simply wouldn't ever be issued (which again you can verify in the same manner). Again comparing this with something as vague as "we'll investigate" and "we don't publish anything but we keep private logs of all trades which then we retroactively edit without announcing it, explaining it or even admitting it" is quite the stretch.

[smickles]

…
The one thing I find most disturbing about accusations, is that most humans seem to accuse others of those faults, flaws, and outright criminal behavior, that they themselves are guilty of. MPOE-PR, you post about pretty much every other trading related site, in a negative way. I'm starting to wonder how many of your accusations are based in MP's own behavior (and not that of the competing exchange being accused). That notwithstanding, MP's opinion on other exchanges has been pretty well-founded, and predictions of doom have oft been correct. So...................
…

spooky

[killerstorm]

Well, since we're discussing this: your computer sends a SYN. The MPEx server goes SYN-ACK. Your computer goes ACK. The TCP connection is not established. Your computer goes POST. The MPEx server responds to that POST. Your failure scenario was that somehow right after the POST but right before the response completion the connection drops. This scenario is possible in theory, but not quite comparable with the general "oh maybe the connection failed we'll investigate" alternative.

I'm rather bored with this discussion. You are dense. I'll try to spell it out for you one more time, but this is the last time...

OK, let's consider it from user's perspective. User tries to submit order to MPex. His user agent "hangs". User doesn't know whether his order was accepted. He waits for some time, let's say 30 seconds, then clicks "stop" button and tries to check whether order was accepted by other means.

Let's say order was not accepted, then user will try to re-submit it.

Suppose it was time sensitive like it was with smickles order. How is MPex going to explain why order wasn't accepted immediately? Most likely response is "oh maybe the connection failed we'll investigate": connection failure is indeed the most likely cause, but it is a good idea to check server logs.

If user was running Wireshark, or maybe just in-browser debugger like firebug, he would know more about this failure, but let's just say a typical user doesn't run Wireshark so it doesn't matter.

Now let's consider a bit more complex case: suppose that packet which was carrying request body was buffered at some router between user's computer and MPex server and was "in flight" for some considerable time, e.g. 1 minute. It's possible in case of congestion, packet loss/retransmission, routing problems etc.

In that case we can a situation like this: 1) user clicks "stop" button in browser, but it doesn't stop packets which are already in flight; 2) user checks state, it says that order is not accepted; 3) now those packets which are in flight arrive to server and it actually accepts the offer. Whoopsie.

It isn't simply theoretically possible, this actually happens. Say, when I use ssh sometimes it freezes and I see what I typed after a significant delay.

So... How is this different on ICBIT? I don't know. As I understand, there is no progress indicator, but it is not a fundamental flaw, it can be trivially added. Otherwise, situation is identical.

It is completely independent from transparency issues, I agree that use of PGP signatures and full transaction log are desired features.

But that wouldn't have helped smickles. On the other hand, Wireshark could: he could see whether he got SYN-ACK and whether server ACKnowledged that it received POST body. Having that log he could prove that problem is indeed at ICBIT's side. (Sort of, ACK isn't signed... But it would be a good evidence.) Unless ICBIT blocked him via IP address on firewall (iptables TARPIT). Then he would need to use pathping to collect evidence...

Anyway, you need to learn a bit more about how networking works (just knowing about SYN-ACK isn't enough), and how to consider concurrency problems (i.e. you need to consider all possible event orderings for all participants). Also you have serious problems with logic. ("MPex uses PGP signatures, and thus ICBIT sucks". Really?)

[smickles]

…
Now let's consider a bit more complex case: suppose that packet which was carrying request body was buffered at some router between user's computer and MPex server and was "in flight" for some considerable time, e.g. 1 minute. It's possible in case of congestion, packet loss/retransmission, routing problems etc.

In that case we can a situation like this: 1) user clicks "stop" button in browser, but it doesn't stop packets which are already in flight; 2) user checks state, it says that order is not accepted; 3) now those packets which are in flight arrive to server and it actually accepts the offer. Whoopsie.
…

I believe, in this case, a STAT would determine if the order was accepted or not.

[killerstorm]

You miss the point. The Byzantine generals situation would be akin to completely cut. communication, no technology will help here.

See my reply to MPOE-PR. Use of simple HTTP requests is a bit too fragile: any network congestion can leave order in a dangling state where it can arrive to server at any time. And checking that won't help you, as you're checking current state, but you cannot remove packets which are already in flight.

And colored coins are still vulnerable to doublespend attacks if not done properly.

Colored coin exchange will be based on "atomic coin swap" transactions. Double-spend can only cancel such transaction if it is included into blockchain faster, but it won't be possible to steal anybody's coins.

There is a lot of other useful traits:

• after you've got counter-party's signatures you'll be able to demonstrate that he isn't trustworthy if he double-spends
• transaction is either included into a block or it is not, there is no dangling state
• you can chain several transactions together, if one fails due to double-spend dependent transactions will get canceled automatically

GPG has years of development and fixes behind it and allows for immediate verification without waiting for blochchain confirmations.

Um, what? GPG is simply a digital signature/encryption software. Bitcoin transactions are also digitally signed, but they are also included into blockchain to ensure there are no double-spends. It's an extra protection on top of what GPG can provide.