New research proves: MtGox bitcoins NOT stolen using transaction malleability

[Hexah]

thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.

+1
This story was shady from the start. Some kind of malleabilty that no one can comprehend... jesus it was a biggest bitcoin exchange how can they fail so miserably?

[keatonatron]

Some kind of malleabilty that no one can comprehend...

Although I agree with you 100% on the dubious nature of Gox's story, I have to argue one point. Many people can, and do, understand the malleability just fine. It is a real thing and was documented a long time ago.

But no, it most likely didn't cause the downfall of Gox.

[Mitchell]

What a surprise!

[porqupine]

Is it definite that you would have received both copies of a malleable transaction on the Nodes in question?

[TheCoinFinder]

http://arxiv.org/abs/1403.6676  <--  non-obscured link

While I suspect that their conclusion is correct, I really take exception to their methodology and assumptions.  Mostly, they assume that a mutation will be visible as a double spend.  However, the reference client's behavior regarding relaying transactions with degenerate signatures changed, so a sparse sensor network would likely only see the mutated transaction instead of a pair.

I think that given bitcoin's 10 minute timeframe for rounds, and their decent connection of nodes, it is reasonable to assume that they customised clients logged the majority of such transactions.

[Lethn]

thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.

+1
This story was shady from the start. Some kind of malleabilty that no one can comprehend... jesus it was a biggest bitcoin exchange how can they fail so miserably?

I think this is less for us and more for the morons out there who don't know anything about Bitcoin, part of the problem that MTGOX became was the fact that the media was giving them so much free advertising so of course all the new people who had never heard of Bitcoin before went there for Bitcoin trading, since they didn't know any better and didn't do research they got conned. I'm convinced now that Mark is going to prepare to run off the moment he gets his chance as all the evidence starts coming out about what he's been up to if he hasn't got a plan already, I'd be very surprised if he ends up in jail because governments just refuse to learn anything about how Bitcoin works especially since we've had our first major case of fraud with lots of victims involved.

[fryarminer]

we merely observed a total of 302,000 bitcoins ever being
involved in malleability attacks. Of these, only 1,811 bitcoins were in
attacks before MtGox stopped users from withdrawing bitcoins.

My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?

[broolstoryco]

we merely observed a total of 302,000 bitcoins ever being
involved in malleability attacks. Of these, only 1,811 bitcoins were in
attacks before MtGox stopped users from withdrawing bitcoins.

My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?

no one said they were stolen from anywhere.

[renfr]

Another goxxing, it never stops!

[Aditya]

It seems that hacker messed Mt Gox Off-Chain Bitcoin Balance.

[sturle]

We just published some results about the use transaction malleability in the Bitcoin network with a special focus on MtGox:

How did you pick up the vulnerable transactions?  Those weren't relayed through the bitcoin network, just published through their API.  With signatures which were mutable into standard format.  (Which we can assume the attacker did for his own transactions.)

[Sherman]

1. The data started in January 2013, so it's possible Gox was hit much harder in previous years. Although that would also mean the amount of time they spent oblivious to the problem increases.

Who said they were oblivious to the problem? They may have been operating as a fractional reserve since before 2013.

[caveden]

My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?

IIRC, once the malleability issue was revealed, some assholes started a DoS with it. They were mutating every transaction that went through them, only to fuck the network. That's probably what accounts for these +300kBTC. They were not stolen.

[porqupine]

Still not sure about this - if for example Gox had a private arrangement with a certain mining pool, that would not re-broadcast it's transactions outside of this pool, could not someone take said transactions and broadcast a malleable form to the rest of the Network?
The data collection method in the article would not seem to account for such a possibility.

[sturle]

Still not sure about this - if for example Gox had a private arrangement with a certain mining pool, that would not re-broadcast it's transactions outside of this pool, could not someone take said transactions and broadcast a malleable form to the rest of the Network?
The data collection method in the article would not seem to account for such a possibility.

The problematic transactions weren't accepted by normal nodes, or relayed, because the signature was on a non-standard format.  The transactions were only available through MtGox's API, where an attacker could change the signature into a standard format, mutating it and making it relayable.  To me this entire paper seems seriously flawed.  The authors haven't understood the issue specific to MtGox.

[kjj]

http://arxiv.org/abs/1403.6676  <--  non-obscured link

While I suspect that their conclusion is correct, I really take exception to their methodology and assumptions.  Mostly, they assume that a mutation will be visible as a double spend.  However, the reference client's behavior regarding relaying transactions with degenerate signatures changed, so a sparse sensor network would likely only see the mutated transaction instead of a pair.

I think that given bitcoin's 10 minute timeframe for rounds, and their decent connection of nodes, it is reasonable to assume that they customised clients logged the majority of such transactions.

A bit difficult to log something that you can't see because no one will relay, don't you think?

[dserrano5]

The problematic transactions weren't accepted by normal nodes, or relayed, because the signature was on a non-standard format.

I seem to recall that this was first enforced on some recent version of bitcoin (0.8.6?), which is precisely what precipitated the gox demise.

[hilariousandco]

Thank you, looks like TM was just a convenient excuse for MK.

I thought pretty much everybody assumed this was most likely the case.

[pabloangello]

All of these China bans and unbans also MtGox stolen, then possibly found GoxCoins etc. looks like one big market manipulation before next bitcoin boom
I now, conspiracy theory but who knows, the truth can be shocking like history has proven many times.

[b!z]

Very interesting. Thank you for sharing.