Topic: Bitfinex HACKED - funds stolen ! - page 18. (Read 32160 times)

The kind of verification you/we all desire cannot happen at bitfinex, they just won't allow it, how else would they be able to steal your bitcoins next time? It was an inside job, blamed on hackers, the hackers were themselves, helping themselves to 120K bitcoins. Clever bitches. I hear they're preparing to re-open again. You fool me once...

Probably not so much, because they only settled accounts to the blockchain once per day. The exception being, if you bought bitcoins and immediately requested to withdraw them. That already took 15-45 minutes generally. Not sure how much this would really add.


They certainly signed transactions they shouldn't have signed. Even if they were internal transfers, that kind of volume (above, say, 20k or 30k) should trigger a circuit breaker. A telephone call, some kind of second step verification...something, rather than simply auto-signing for 120k bitcoins.

"Yeah only btc got jacked, but if you used our exchange you now have 30% less than you did. "

Why do exchanges need centralized wallets? If everything is on the chain shouldn't you be able to use your own private wallet to trade? Why is there no exchange where you input your address and use that instead of having to deposit to the exchange? The exchange could pull the data on how many coins are in the address. You aren't supposed to be able to double spend thanks to the infallible block chain so it shouldn't be an issue of "what if the funds aren't actually in the wallet" Seems not so difficult imo. Yet we all take part in this bullshit of giving out money to some anonymous assholes in hopes that it will be safe. Is cryptsy even around any more? That was THE exchange for how long. The system is flawed. By continuing to use it it just gives free license for this shit to take place time and time again. All for what? trading coins like they are stocks. People realize how fucking idiotic this is, no? It is almost, almost, as stupid as the good faith of the us of a backing the value of the dollar. ALMOST.

What do i know? Random douche bag behind a screen all the same. I know none of this feels right though.

I think this would slow down the process of being able to sell bitcoin on their platform, as well as the ability to to debit customers' losses when they have leveraged losses.

The problem with BitGo is that they signed transactions that they should not have signed. I speculate that BitGo was signing transactions they believed to be "internal transfers" between bitfinex accounts, which I suspect are not subject to the limits that bitfinex set, although this is speculation.

Apparently...

So customers can take losses like an investor of bitfinex (even though they are just customers) but can't benefit from corporate profits of bitfinex.

You and me both are taking a hit.  My first time as well.  At 36.067% I'm looking at losses of approximately $10,116.66.

I agree about the high volume/high frequency trading.  That's why I had part of my funds on BitFinex. 

Are you talking about a decentralized exchange?

What it all boils down to..... it's basically impossible to find the liquidity that high volume/high frequency traders need outside of centralized exchanges. It's an unfortunate state of affairs, and one that I'm losing money over (for the first time). I wonder what things may look like in 5-10 years.

I'm staying away from them as well.  Hardware wallets are the best way to go in terms of storing bitcoins.  However, this was an exchange.  BlockNet [And similar exchanges], appear to be the way to go in the future for trading.  It's currently in beta.

It seems to me BitGo was only interested in profits instead of TRUE security.

Too little, too late for BitGo. They are done after this. A bitcoin security firm cannot recover from co-signing 120k BTC in fraudulent transactions -- automatically and instantly. Their reputation is completely ruined, and if it were a serious comment (LOL), I would say, stay as far away from that company as you can. Because it will hurt your reputation, too.

+1
you may ask BitGo to serve as the Chief Compliance Officer for +250k USD per year.  

I don't store my goods on bitfinex but i am so sad that people doing this stuff to stole other people money, at my opinion, everyone should earn money by himself.

The following IS THE WAY in which BitFinex should have used multi-sig wallets for customer accounts:

1.  The "customer" should have one of the 3 keys.
2.  It is MANDATORY the "customer" key be used to withdraw funds from their account in conjunction with Finex key.
3.  BitFinex would not be allowed to withdraw funds from a "customer" account without the permission of the "customer" via the "customer" key.
4.  BitFinex would not be allowed to withdraw funds from a "customer" account in conjunction with BitGo key without BitGo receiving permission DIRECTLY FROM THE CUSTOMER via email and/or 2FA.
5.  If the "customer" lost their key, this is the ONLY TIME BitGo key would be used to withdraw funds.  HOWEVER, the "customer" would have to be the one to give BitGo permission VIA EMAIL directly with BitGo in order for BitGo to use BitGo's key with BitFinex key to withdraw funds.

It's really quite simple.  It's common sense.  WHY it was not done this way is beyond comprehension.  The key that BitFinex held in cold storage SHOULD have been the "customer's" key; NOT BitFinex's secondary key.  They might as well throw that cold storage key in the trash.  It was never going to be used unless BitFinex lost the key they were using.

A multi-sig wallet should also have a 4th key held in cold storage by BitGo to be used only in the event BitFinex AND the customer lost their keys.

EDIT:  WHY, BitGo did not INSIST it be done this way as the terms of doing business with BitFinex is sickening as well.

Many people will take the 64% and run, knowing what a bankruptcy would cost them. They would lose much more than 36%. And it would take them years to get back whatever scraps they do get.

There is also another problem: Bitfinex is set up in a way that is difficult to litigate against. If it ever got to the point that the US Feds seized their known assets and bitfinex.com, the owners would just take any assets that were left and flee.

That's a good point. Their lawyers and accountants may find a loophole or something, but if these tokens aren't really liabilities, why should people accept them for their losses? There will be a class action demanding complete and immediate return of the assets. Bitfinex will lose in court and may go bankrupt.

Technically they are not insolvent if they remove the liabilities from their books. These tokens would likely come with terms that they do not guarantee anything (hence are not real liabilities). So while the tokens may or may not actually pay out some dividends in practice, they don't have the same effect on solvency (from an accounting perspective, and possibly from a legal perspective).

Thank you for that Mr Government

I would not rule out these supposed hacks being by the NSA or some other agency.

They  ( most gov's ) must be scared of BTC

Bitcoin.com covers hack:

Blocknet: Exit Centralized Exchanges Now Amid ‘Damaged Confidence’
https://news.bitcoin.com/blocknet-centralized-exchanges/

Well, the market hates the unknown, and loves resolution. I guess knowing that the other 64% of the liquidity is going to come back to the market, and knowing that Bitfinex [might be] okay in the immediate future (as in, customer assets were not completely decimated), might be fundamentally good news for the market.

I'm not sure how this socialized loss stuff plays out legally, though.