Pages:
Author

Topic: MtGox source code leaked ... (Read 19047 times)

donator
Activity: 1218
Merit: 1079
Gerald Davis
March 07, 2014, 10:22:44 PM
#91
Well to Marks credit there is more than one anti-pattern in the code.   
sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
March 07, 2014, 10:20:02 PM
#90
The MtGox code is worst practice of coding and security... I bet Mark Karpeles never heard about "design patterns".
https://en.wikipedia.org/wiki/Software_design_pattern

Design Patterns: Elements of Reusable Object-Oriented Software
http://www.amazon.com/Design-Patterns-Elements-Reusable-Object-Oriented/dp/0201633612
sr. member
Activity: 364
Merit: 250
American1973
March 07, 2014, 02:19:51 AM
#89
This fits weel here:

Quote
http://mag.newsweek.com/2014/03/14/bitcoin-satoshi-nakamoto.html

[...]

In addition, the code was not always terribly neat, another sign that Nakamoto was not working with a team that would have cleaned up the code and streamlined it.

"Everyone who looked at his code has pretty much concluded it was a single person," says Andresen. "We have rewritten roughly 70 percent of the code since inception. It wasn't written with nice interfaces. It was like one big hairball. It was incredibly tight and well-written at the lower level but where functions came together it could be pretty messy."

So, this is a very educational thread.  Thanks all.

edit

I'll tell you what, this Satoshi guy they found, is exactly like so many programmers I have supported as a tech in the US.  He comes out and says "where's my free lunch?!"  Hahaha, a genius savant Japanese guy who will never admit to bitcoin and who write "hairball" assembly level code that changes the entire world.

Like a sir.
full member
Activity: 142
Merit: 100
March 06, 2014, 06:27:22 AM
#88
this is probably the code which allowed the leak of the 800 000 bitcoins.
newbie
Activity: 28
Merit: 0
March 06, 2014, 02:35:06 AM
#87
I posted about this before.
There are some doubts about its validity.

https://bitcointalksearch.org/topic/mt-gox-source-code-leaked-unsure-about-source-498341
hero member
Activity: 501
Merit: 500
March 06, 2014, 01:36:47 AM
#86
Using PHP for ANYTHING is a recipe for a disaster. (Yes, even using it for the thing it was originally meant for - a simple tool for beginners to make dynamic web content. Ever seen a beginner write PHP code without gaping security holes all around?) Even Perl is much more sane language. Perl at least has consistent block scope.

For web development, I'm strangely drawn toward Node.js at the moment. But anything goes if it does not have to be PHP.
newbie
Activity: 59
Merit: 0
March 06, 2014, 01:15:54 AM
#85
Surely NOT Ruby (way more scary than PHP), and probably not C++/CGI (too esoteric and crashworthy), probably not Python/web (still not ready for the bigtime), and don't even mention Java (the world will be a better place when people finally stop using it).

Nothing wrong with Java running server side.  The security hell that is java applets needs to die.  I personally don't install java client side not because it is any direct risk but out of fear that some browser exploit will enable java applet access.  If java applets were killed off an no longer supported by modern browsers I would have no issue with java client side either.  Most financial institutions and large enterprises use java server side.  

Well there are problems with Java server side - high memory and CPU use, slow execution, occasional required restarting of backend infrastructure, and code bloat (Karpie's Bitcoin PHP class would take 5000+ lines of Java). Also Java server architecture didn't start off HTTP/REST-based - PHP was specifically designed for it (albeit recklessly).  Finally,  Java bugs always take longer to FIND AND FIX than any other language's -  a major cost.
  
The issue isn't so much PHP as the way it was used.  As a side note, you can shoot of your own foot with any programming language, PHP just makes it easier than others.  I would use Python over PHP because dynamic typing and implicit (warningless) conversion between types just makes it to easy to create bugs which only occur run time.  Combine that with no test driven development and you got a recipe for hard to identify bugs.

very true - php5's execution is SCARILY NON-DETERMINISTIC from time to time...

Someone up thread said testing, testing, and testing.  That doesn't mean let me try to manually "test the hell out of this" it means things like unit testing, code coverage, mocking, automated test validation in build process, etc.  That is impossible with the code as written.  The code as written is untestable, unmaintainable, and undocumented.  Everything is a bunch of static methods, magic constants spread throughout, SQL code interspersed with business logic, mixed with formatting.  The few places where a constant should be used they decided to use a literal 100000000 for conversion from satoshi to Bitcoins.  Money values are handled as floats.  Everything is tightly coupled and poorly documented so if Mark ever did bring on additional programmers that would just be a timebomb waiting to go off.  You can get god's gift to programming but if other "lesser" programmers can make fatal mistakes with your code because it is fragile ... it is bad code.

Hard to argue these points - nonetheless the old industry saying of "it's not a bug unless a customer finds it" holds true... With PHP a lot of poop can be swept under the rug or offloaded to the web server...

I forgot to mention node.js as an option for web infrastructure - I am not a fan of anything google and I hate Javascript...

Karpie might be polishing his coding skills up in a cell in the US soon...
legendary
Activity: 1190
Merit: 1001
March 04, 2014, 10:36:54 PM
#84
Where is the rest of the code?

This only seems to contain one PHP class which wraps other classes which are not included here?

http://pastebin.com/W8B3CGiN
sr. member
Activity: 357
Merit: 250
March 04, 2014, 08:45:51 PM
#83
http://forums.graal.in/forums/showthread.php?7661-Is-Stephane-Portha-involved-with-MtGox

who is Stephane Portha (known scammer) and why is he connected with Mt.Gox Mark Karpeles?

http://nekoroy.com/hiddengox.html


legendary
Activity: 4690
Merit: 1276
March 04, 2014, 06:38:51 PM
#82
Oh and it gets worse

Quote
From the IRC chat of Nanashi and other hackers, it seems that the hacker also have access to a 20GB data dump of customer data along with passport scans.

This is much worse.  A whole new slew of lawsuits heading their way.

+1.  Much worse.  I can live without the modest wire they owe me else I would not have requested it.  My ID docs, OTOH, spell a lifetime of hassles.  I have only ever sent high quality identity dox to Mt. Gox.  I they are used by any criminal I'll know exactly where they came from.

I'd estimated that after the 2011 Mt. Gox problems and all the money they should have been raking in, they would have had some professional architects and coders on staff and the data would be a little bit safe (though the support contractors would still have some access to it.)  I'll take some responsibility for mis-estimating here, but only so much.  If my dox are lost/sold, I'm coming for that fat cock sucker.  I've had the patience to HODL BTC for years, and I'll have the patience to see that Karpeles suffers for much longer than that.  And the resources to boot, especially if we see at least one more price run-up.

sr. member
Activity: 357
Merit: 250
March 04, 2014, 06:24:23 PM
#81
interesting
legendary
Activity: 1204
Merit: 1002
March 04, 2014, 05:41:40 PM
#80
Hm. Items of interest:

The code sends emails to "[email protected]" on some errors.  "ookoo.org" is owned by

Mutum Sigillum LLC
220 E. Delaware Ave., #1085
Newark, DE
US

which is a subsidiary of Mt. Gox.

On page 26, there's a private key embedded in the code as a long hex string. Requests involving that private key are rejected.

Bitcoin transactions are sent to "relay.eilgius.st" and "mtgox.relay.eligius.st". That's a mining pool. But that "eligius.st" address is registered to Mutum Sigillum LLC:

DOMAIN: eligius.st

REGISTRATION-SERVICE-PROVIDER: K.K. Tibanne
URL: http://www.tibanne.com/

created-date:    2011-05-10 00:27:33
updated-date:    2014-03-03 04:59:29
expiration-date: 2014-05-10 21:59:59

registrant-organization: Mutum Sigillum LLC
registrant-name:         David Manager (MUT525418A4EC0C7)
registrant-street:       220 E. Delaware Ave., #1085
registrant-city:         Newark
registrant-state:       
registrant-zip:          19711
registrant-country:      US
registrant-phone:       
registrant-fax:         
registrant-email:        [email protected]

admin-organization: Luke Dashjr
admin-name:         Luke Dashjr (KKT5313FE423381E)
admin-street:       8512 Templeton Drive
admin-city:         Omaha
admin-state:        NE
admin-zip:          33523
admin-country:      US
admin-phone:       
admin-fax:         
admin-email:        [email protected]

tech-organization:
tech-name:         Luke Dashjr (KKT5313FE424A57E)
tech-street:       8512 Templeton Drive
tech-city:         Omaha
tech-state:        NE
tech-zip:          33523
tech-country:      US
tech-phone:       
tech-fax:         
tech-email:        [email protected]

billing-organization:
billing-name:         Luke Dashjr (KKT5313FE425CFF3)
billing-street:       8512 Templeton Drive
billing-city:         Omaha
billing-state:        NE
billing-zip:          33523
billing-country:      US
billing-phone:       
billing-fax:         
billing-email:        [email protected]

Mt. Gox was known to have close connections to Eligius, but this is closer than previously thought.

legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
March 04, 2014, 04:04:57 PM
#79
Why does the MtGox code send e-mails to Luke-Jr?

IIRC MtGox had a deal where Eligus would include their transactions.

Did that deal end at some point?  If so that may indicate the age of the source?

Collusion between Luke Dashjr and Gox alone should have been enough to keep you away from Gox. When you watch Luke Dashjr at a conference he looks and acts like one of those kids that used to get beat up a lot in school. He's very quiet, stays to himself and a little scary looking. I can see him having 15 decapitated human heads in a freezer in the back of his single wide mobile home with wooden Christian cross hanging in every room and an alter made for his long dead mother on the faux mantle piece.

Wow, that's harsh Smiley

Nah, not really. He's a bastard. Besides being a crippling force on Bitcoins development team, he has used the mining power of so many people without their knowledge to do so many bad things that I find it hard to say anything evil enough to describe him.
full member
Activity: 213
Merit: 100
March 04, 2014, 03:59:17 PM
#78
Why does the MtGox code send e-mails to Luke-Jr?

IIRC MtGox had a deal where Eligus would include their transactions.

Did that deal end at some point?  If so that may indicate the age of the source?

Collusion between Luke Dashjr and Gox alone should have been enough to keep you away from Gox. When you watch Luke Dashjr at a conference he looks and acts like one of those kids that used to get beat up a lot in school. He's very quiet, stays to himself and a little scary looking. I can see him having 15 decapitated human heads in a freezer in the back of his single wide mobile home with wooden Christian cross hanging in every room and an alter made for his long dead mother on the faux mantle piece.

Wow, that's harsh Smiley
sr. member
Activity: 441
Merit: 250
March 04, 2014, 03:23:04 PM
#77
The code isnt't testable in its current state which is exactly for the reasons already mentioned. It is not separated into components.

But it is. Just maybe not the components you would like.

I would not choose this exact design, but it is very far from a ball of mud. It is quite clear what is does, there are methods with proper names, and nothing is obscured by dependencies. If I would be handed this as a legacy codebase to work with I wouldn't find it too bad. I've seen much worse.

What I would miss most here is tests (of course one can write tests for this code, both functional tests and unit tests) and documentation. But that's par for the course considering there seems to have been mostly one developer working on this.
donator
Activity: 980
Merit: 1000
March 04, 2014, 10:27:51 AM
#76
PHP can be used as a non-OOP language, and in fact it's the way it makes most sense to use it since their OOP is an afterthought and doesn't play well with the rest of the characteristics of the language. "1 big superclass" basically fakes that. You can easily re-factor that anyway.

However this does seem like a 1-man weekend project. I wonder if they at least have some docs to go with it elsewhere.

TBF I'm willing to believe this was the production code.
sr. member
Activity: 362
Merit: 262
March 04, 2014, 10:16:36 AM
#75
 I remember seeing something irc where gmaxwell said that the code is likely old.  

Rather than get personal about any members it would be good to know if this older code or newer code.
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
March 04, 2014, 10:11:13 AM
#74
Why does the MtGox code send e-mails to Luke-Jr?

IIRC MtGox had a deal where Eligus would include their transactions.

Did that deal end at some point?  If so that may indicate the age of the source?

Collusion between Luke Dashjr and Gox alone should have been enough to keep you away from Gox. When you watch Luke Dashjr at a conference he looks and acts like one of those kids that used to get beat up a lot in school. He's very quiet, stays to himself and a little scary looking. I can see him having 15 decapitated human heads in a freezer in the back of his single wide mobile home with wooden Christian cross hanging in every room and an alter made for his long dead mother on the faux mantle piece.
newbie
Activity: 23
Merit: 0
March 04, 2014, 10:08:28 AM
#73
I agree. I've worked as a software developer for 15+ years and this really is not that bad compared to some of the code out there. I was honestly expecting worse..

It's all those "rockstar programmers" who spend more time reading blogs than working. Only the object oriented design pattern de jour is the way to go, everything else sucks beyond belief, apparently.

Meanwhile, COBOL code sprinkled with GO TOs run their banks and steer their satellites. The only thing that matters is if the code 1) works and 2) is readable (and most hipster frameworks fail on both accounts).

The difference between serious and amateurish outfits like MtGox is testing, testing, testing and testing. Did I mention testing? And a bunch of people who do not consider themselves rockstars or other silly things who work these systems daily.

The code isnt't testable in its current state which is exactly for the reasons already mentioned. It is not separated into components. That would have a lot of advantages, one og them being testability. The reason that COBOL works in banks is because the code has been running for decades, not because better tools don't exist now.

And OO has been questioned for a long time now with new programming languages even boosting about being non-OO.

You seem to be arguing against your own misconceptions.

I have a hard time believing that someone who's proficient in multiple programming languages would choose PHP for THIS particular job, but it would easily be the right choice if that's the only language he was fluent in.
sr. member
Activity: 362
Merit: 262
March 04, 2014, 09:05:38 AM
#72
Why does the MtGox code send e-mails to Luke-Jr?

IIRC MtGox had a deal where Eligus would include their transactions.

Did that deal end at some point?  If so that may indicate the age of the source?
Pages:
Jump to: