Evidence That Transaction Malleability Did Not Bankrupt Mt. Gox. Mark Karpeles pulling a Cassious Coin from behind the photographer’s ear.
Solid research has proven what many bitcoiners have long suspected; transaction malleability did not play a significant, if any, role in the disappearance of 850,000 BTC from Japanese exchange Mt. Gox. Christian Decker and Roger Wattenhofer of ETH in Zurich, Switzerland, combed through the blockchain to tally each instance of a potential transaction malleability attack in order to figure out exactly how much Bitcoin was put at risk by the alleged attacks.
Their research concludes: The transaction malleability problem is real and should be considered when implementing Bitcoin clients.However, while MtGox claimed to have lost 850,000 bitcoins due to malleability attacks, we merely observed a total of 302,000 bitcoins ever being involved in malleability attacks. Of course, 200k BTC was inexplicably “recovered” from a misplaced “old format” wallet earlier this month, which still leaves 650k missing. Gox Goes Belly-up After Losing A Billion Dollars Without Noticing; Blames Fault In Corporate Bookkeeping Protocols. So it’s more or less official: MtGox, once the world’s largest bitcoin exchange, has died and taken all its holdings with it to the grave.
This follows a long string of evasive statements, silence, and strange behavior from the exchange, particularly including bad customer service. The net is full of horror stories of people having lost their money, and claims of a “hack against the vault” are not credible in the slightest – here’s why. In a chaotic situation like this, it’s hard to know exactly what is true. Here are the claims that seem reasonably factish: In persistent rumors of insolvency, “MT Gox” has been pronounced “Empty Gox” for some time in mockery. How much is 744,000 bitcoin? So the question is; how can you not notice one billion dollars gradually disappearing from your company over several years, as has been claimed to be the case? The answer is simple: you can’t. Balance sheet, motherfucker. Live updates to the situation below, as I get them. May Empty Gox burn in hell. Bitcoin “Transaction Malleability” Explained Like You’re 5.
Think of a Bitcoin transaction as a check.
Every check has the sender’s checking account number (input Bitcoins), the recipient’s name (output Bitcoin address), the amount, and a signature. If any of these are tampered with then attempting to redeem the check is illegal and will hopefully be rejected by the bank. With Bitcoin it’s always, 100%, guaranteed enforced by the software running the Bitcoin network. Nothing in Bitcoin is broken in this respect. Now, there’s one other field on every check: the memo.
Say a sender uses an identifier they wrote in the memo field (the transaction hash) to keep track of a check, but the recipient maliciously changes it, then complains to the sender they never received the check. One solution might be to try to outlaw tampering of the memo field. Another solution might be to use the actual check number to keep track of the check (i.e. the “normalized transaction hash” that Mt. Transaction malleability has been documented since 2011. Kudos. Bitcoin Weekly 2014 February 12: Bitcoin-wide transaction malleability attack, Apple blocks bitcoin wallets, Fiverr accepts BTC, and more. Mad drama has once again hit the Bitcoin community as news—both good and bad—continues to stack up.
This week’s attention saw Apple drop Blockchain.info’s web-wallet from their app store citing “an unresolved issue” sparking a massive controversy and even destroyed iPhones (including one shot with a rifle at long range.) Fiverr partnered with BitPay to allow customers to buy short-work services for bitcoins. Transaction Malleability. While transactions are signed, the signature does not currently cover all the data in a transaction that is hashed to create the transaction hash.
Thus while uncommon it is possible for a node on the network to change a transaction you send in such a way that the hash is invalidated. Note that this just changes the hash, the output of the transaction remains the same and the bitcoins will go to their intended recipient. However this does mean that, for instance, it is not safe to accept a chain of unconfirmed transactions under any circumstance because the later transactions will depend on the hashes of the previous transactions, and those hashes can be changed until they are confirmed in a block. (and potentially even after a confirmation if the block chain is reorganized) In addition clients must always actively scan for transactions to them; assuming a txout exists because the client created it previously is unsafe.
Understanding Bitcoin’s transaction malleability problem. In recent days, several Bitcoin exchanges have suspended certain kinds of payments due to “transaction malleability” issues.
There has been a lot of talk about why this happened, and some finger-pointing. In this post, I will try to unpack what “transaction malleability” is and why it has proven to be a problem for some companies. To understand the issue, we need to talk about two core concepts of Bitcoin: transactions and the public ledger. Bitcoin protocol explained.