Hexah
|
|
March 27, 2014, 07:08:12 AM |
|
thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.
+1 This story was shady from the start. Some kind of malleabilty that no one can comprehend... jesus it was a biggest bitcoin exchange how can they fail so miserably?
|
|
|
|
keatonatron
Sr. Member
Offline
Activity: 308
Merit: 250
Jack of oh so many trades.
|
|
March 27, 2014, 07:54:37 AM |
|
Some kind of malleabilty that no one can comprehend... Although I agree with you 100% on the dubious nature of Gox's story, I have to argue one point. Many people can, and do, understand the malleability just fine. It is a real thing and was documented a long time ago. But no, it most likely didn't cause the downfall of Gox.
|
1KEATSvAhbB7yj2baLB5xkyJSnkfqPGAqk
|
|
|
Mitchell
Staff
Legendary
Offline
Activity: 4102
Merit: 2314
Verified awesomeness ✔
|
|
March 27, 2014, 07:58:00 AM |
|
What a surprise!
|
| | | . Duelbits | | | ▄████▄▄ ▄█████████▄ ▄█████████████▄ ▄██████████████████▄ ▄████▄▄▄█████████▄▄▄███▄ ▄████▐▀▄▄▀▌██▄█▄██▐▀▄▄▀▌███ ██████▀▀▀▀████▀███▀▀▀▀█████ ▐████████████■▄▄▄■██████████▀ ▐██████████████████████████▀ ██████████████████████████▀ ▀███████████████████████▀ ▀███████████████████▀ ▀███████████████▀ | | | | | . ▄ ▄▄▀▀▀▀▄▄ ▄▀▀▄ █ █ ▀▄ █ ▄█▄ ▀▄ █ ▄▀ ▀▄ ▀█▀ ▄▀ ▀█▄▄▄▀▀ ▀ ▄▀ ▄▀ ▄▀
Live Games | | ▄▄▀▀▀▀▀▀▀▄▄ ▄▀ ▄▄▀▀▀▀▀▄▄ ▀▄ ▄▀ █ ▄ █ ▄ █ ▀▄ █ █ ▀ ▀ █ █ ▄▄▄ █ ▀▀▀▀▀▀▀▀▀▀▀▀▀ █ █ █ █▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█ █▄█ █ ▀▀█ ▀▀█ ▀▀█ █ █▄█
Slots | | . ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▄ █ ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ █ ▄▄ █ █ █ █ █ █ ▄▀▀▄▀▀▄ █ █ █ ▀▄ ▄▀ █ █
Blackjack | | | | █▀▀▀▀▀█▄▄▄ ▀████▄▄ ██████▄ ▄▄▄▄▄▄▄▄█▀ ▀▀█ ████████▄ █ █████████▄ █ ██████████▄ ▄██ █████████▀▀▀█▄▄████ ▀▀███▀▀ ████ █ ███ █ █▀ ▄█████▄▄▄ ▄▄▀▀ ███████▀▀▀ | | | | | | | | | | [ Đ ][ Ł ] AVAILABLE NOW | |
Advertisements are not endorsed by me.
|
|
|
porqupine
|
|
March 27, 2014, 08:38:41 AM |
|
Is it definite that you would have received both copies of a malleable transaction on the Nodes in question?
|
|
|
|
TheCoinFinder
Legendary
Offline
Activity: 938
Merit: 1001
|
|
March 27, 2014, 09:23:11 AM |
|
http://arxiv.org/abs/1403.6676 <-- non-obscured link While I suspect that their conclusion is correct, I really take exception to their methodology and assumptions. Mostly, they assume that a mutation will be visible as a double spend. However, the reference client's behavior regarding relaying transactions with degenerate signatures changed, so a sparse sensor network would likely only see the mutated transaction instead of a pair. I think that given bitcoin's 10 minute timeframe for rounds, and their decent connection of nodes, it is reasonable to assume that they customised clients logged the majority of such transactions.
|
|
|
|
Lethn
Legendary
Offline
Activity: 1540
Merit: 1000
|
|
March 27, 2014, 09:30:47 AM |
|
thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.
+1 This story was shady from the start. Some kind of malleabilty that no one can comprehend... jesus it was a biggest bitcoin exchange how can they fail so miserably? I think this is less for us and more for the morons out there who don't know anything about Bitcoin, part of the problem that MTGOX became was the fact that the media was giving them so much free advertising so of course all the new people who had never heard of Bitcoin before went there for Bitcoin trading, since they didn't know any better and didn't do research they got conned. I'm convinced now that Mark is going to prepare to run off the moment he gets his chance as all the evidence starts coming out about what he's been up to if he hasn't got a plan already, I'd be very surprised if he ends up in jail because governments just refuse to learn anything about how Bitcoin works especially since we've had our first major case of fraud with lots of victims involved.
|
|
|
|
fryarminer
|
|
March 27, 2014, 09:34:52 AM |
|
we merely observed a total of 302,000 bitcoins ever being involved in malleability attacks. Of these, only 1,811 bitcoins were in attacks before MtGox stopped users from withdrawing bitcoins. My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?
|
|
|
|
broolstoryco
Member
Offline
Activity: 76
Merit: 10
Enemy of the State
|
|
March 27, 2014, 09:45:39 AM |
|
we merely observed a total of 302,000 bitcoins ever being involved in malleability attacks. Of these, only 1,811 bitcoins were in attacks before MtGox stopped users from withdrawing bitcoins. My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from? no one said they were stolen from anywhere.
|
|
|
|
renfr
Member
Offline
Activity: 98
Merit: 10
|
|
March 27, 2014, 09:54:51 AM |
|
Another goxxing, it never stops!
|
BTC ✡ BTC Defeat jihad, support Israel against terror - כל הכבוד לצה"ל BTC ✡ BTC End the FED, end the fractional reserve banking, support Ron Paul.
|
|
|
Aditya
|
|
March 27, 2014, 10:14:50 AM |
|
It seems that hacker messed Mt Gox Off-Chain Bitcoin Balance.
|
|
|
|
sturle
Legendary
Offline
Activity: 1437
Merit: 1002
https://bitmynt.no
|
|
March 27, 2014, 10:20:36 AM |
|
We just published some results about the use transaction malleability in the Bitcoin network with a special focus on MtGox:
How did you pick up the vulnerable transactions? Those weren't relayed through the bitcoin network, just published through their API. With signatures which were mutable into standard format. (Which we can assume the attacker did for his own transactions.)
|
Sjå https://bitmynt.no for veksling av bitcoin mot norske kroner. Trygt, billig, raskt og enkelt sidan 2010. I buy with EUR and other currencies at a fair market price when you want to sell. See http://bitmynt.no/eurprice.plWarning: "Bitcoin" XT, Classic, Unlimited and the likes are scams. Don't use them, and don't listen to their shills.
|
|
|
Sherman
Newbie
Offline
Activity: 6
Merit: 0
|
|
March 27, 2014, 10:31:54 AM |
|
1. The data started in January 2013, so it's possible Gox was hit much harder in previous years. Although that would also mean the amount of time they spent oblivious to the problem increases.
Who said they were oblivious to the problem? They may have been operating as a fractional reserve since before 2013.
|
|
|
|
caveden
Legendary
Offline
Activity: 1106
Merit: 1004
|
|
March 27, 2014, 11:00:06 AM |
|
My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?
IIRC, once the malleability issue was revealed, some assholes started a DoS with it. They were mutating every transaction that went through them, only to fuck the network. That's probably what accounts for these +300k BTC. They were not stolen.
|
|
|
|
porqupine
|
|
March 27, 2014, 11:07:56 AM |
|
Still not sure about this - if for example Gox had a private arrangement with a certain mining pool, that would not re-broadcast it's transactions outside of this pool, could not someone take said transactions and broadcast a malleable form to the rest of the Network? The data collection method in the article would not seem to account for such a possibility.
|
|
|
|
sturle
Legendary
Offline
Activity: 1437
Merit: 1002
https://bitmynt.no
|
|
March 27, 2014, 11:12:38 AM |
|
Still not sure about this - if for example Gox had a private arrangement with a certain mining pool, that would not re-broadcast it's transactions outside of this pool, could not someone take said transactions and broadcast a malleable form to the rest of the Network? The data collection method in the article would not seem to account for such a possibility.
The problematic transactions weren't accepted by normal nodes, or relayed, because the signature was on a non-standard format. The transactions were only available through MtGox's API, where an attacker could change the signature into a standard format, mutating it and making it relayable. To me this entire paper seems seriously flawed. The authors haven't understood the issue specific to MtGox.
|
Sjå https://bitmynt.no for veksling av bitcoin mot norske kroner. Trygt, billig, raskt og enkelt sidan 2010. I buy with EUR and other currencies at a fair market price when you want to sell. See http://bitmynt.no/eurprice.plWarning: "Bitcoin" XT, Classic, Unlimited and the likes are scams. Don't use them, and don't listen to their shills.
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
March 27, 2014, 11:40:20 AM |
|
http://arxiv.org/abs/1403.6676 <-- non-obscured link While I suspect that their conclusion is correct, I really take exception to their methodology and assumptions. Mostly, they assume that a mutation will be visible as a double spend. However, the reference client's behavior regarding relaying transactions with degenerate signatures changed, so a sparse sensor network would likely only see the mutated transaction instead of a pair. I think that given bitcoin's 10 minute timeframe for rounds, and their decent connection of nodes, it is reasonable to assume that they customised clients logged the majority of such transactions. A bit difficult to log something that you can't see because no one will relay, don't you think?
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
dserrano5
Legendary
Offline
Activity: 1974
Merit: 1029
|
|
March 27, 2014, 11:48:36 AM |
|
The problematic transactions weren't accepted by normal nodes, or relayed, because the signature was on a non-standard format.
I seem to recall that this was first enforced on some recent version of bitcoin (0.8.6?), which is precisely what precipitated the gox demise.
|
|
|
|
hilariousandco
Global Moderator
Legendary
Offline
Activity: 3990
Merit: 2713
Join the world-leading crypto sportsbook NOW!
|
|
March 27, 2014, 11:52:22 AM |
|
Thank you, looks like TM was just a convenient excuse for MK.
I thought pretty much everybody assumed this was most likely the case.
|
|
|
|
pabloangello
Legendary
Offline
Activity: 1344
Merit: 1001
|
|
March 27, 2014, 12:00:10 PM |
|
All of these China bans and unbans also MtGox stolen, then possibly found GoxCoins etc. looks like one big market manipulation before next bitcoin boom I now, conspiracy theory but who knows, the truth can be shocking like history has proven many times.
|
|
|
|
b!z
Legendary
Offline
Activity: 1582
Merit: 1010
|
|
March 27, 2014, 12:13:27 PM |
|
Very interesting. Thank you for sharing.
|
|
|
|
|