Topic: MtGox withdrawal delays [Gathering] - page 155. (Read 908613 times)

Hey guys!

I know people are pretty sick of the Mt. Gox BTC withdrawal freeze, and are starting to take matters into their own hands...

I saw https://bitcointalksearch.org/topic/mtgox-btc-bidask-455243 and got to thinking.. what if somebody just made an actual BTC exchange between "Real" BTC and "Gox" BTC!

So I did!

Since my https://www.bitcoinbuilder.com/ site had fallen into a little bit of disuse (I made it two years ago... back then it was for using dwolla to automatically buy bitcoins on mtgox!), over the last two days I've re-purposed it to exactly this purpose. And now it's ready to launch!

Advantages of this:

1. People who want to sell gox btc, you know any offers in the order book are legit and will execute immediately. No need for constant PMing and hoping the person willing to buy your gox btc is online right now and still willing to honor their post!
2. People who want to buy gox btc, you can now accept any size order without it being extra work for you. Just place your limit order and forget about it.
3. As the exchange, I am a trusted "escrow" service all in one.. no more sending small amounts piece-by-piece/skyping/etc. (I can be considered "trusted" as a long time member of bitcoin talk.. I'm Josh Jones, founder of DreamHost, the Los Angeles Bitcoin Meetup, ChunkHost.com, BitMadness.com, 310-570-COIN, and so on!)

Note: there's a 2% transaction fee for all trades on bitcoinbuilder, and to be safe your withdrawal BTC addresses (one for "Real" BTC and one for your "Gox" BTC... must be a mtgox deposit address!) are permanently set and locked once you put them in. Also, all withdrawals are processed manually by me, once daily at (around) 11pm PST. That's because no coins are kept on the server at all, you know, just to be super safe!

So, go check it out! I hope it makes sense and you find it useful!

Thanks,
josh!

Goxed and sturled. You can congratulate everyone who listened to the advice of this company of clowns and their useful idiots. (expressed in sturles words and lyrics)

Rules? ahem...

We have that scenario already:

from bitcoinaverage.com :


The CNY and EUR markets agree with the above.


MtGox however:



Edit: Here's a pretty picture: http://www.coinometrics.com/bitcoin/dispersion

You forgot that there is at the least, $50 millions in cash stuck to buy the coins elsewhere. Like it or not, btc economy has much funds stuck with Gox,last month there was like $40 million in open bids compared to roughly $20 million bids total on bitstamp and btc-e.

It was more like: 9 months of nothing from them until they copied the bitcoin code again and updated everything.

I was a bit too fast. It appears that the litecoin team contributed to some testing, bug patches (probably minor) and bitcoin omg wallet but I agree no major bug has been fixed by them so far, it seems.

*hm*
i don't want to interrupt, but all the btc stuck at gox for indefinate time ... does that not mean btc just became a lot more scarce right now?
I think price should go up because people need to buy coins now elsewhere. And 'elsewhere' is not that much left since everybody parked indefinately and very secure on gox. Right?

Don't be too hard on Gox.

Look at it this way:  If you stored your money with the Yakuza, you'd need to hire Wesley Snipes and Sean Connery to go to Japan and get it back.  So, Gox is still viable in terms of loan sharks and so forth?

Remember everyone who knew AOL was total crap, and yet millions upon millions of people rushed to use the AOL install discs and CDs and such?  Well, the desire to jump onto a speeding 500 KPH bullet train to paradise, is always gonna be risked by the arbitragers and so forths.  So, maybe Gox is just a bit understaffed.

Frankly, all IT departments are "cost center" on the balance sheet, so a promoted manager typically will cut IT.  So, for myself, I am impressed tha Gox has gone this far, I suspect it will go farther.  I do believe in magic.

https://www.youtube.com/watch?v=O7ONp-GC7vM

Great post alfabitcoin. I do hope Gox wasn't exploited for months, but its not looking good.

@alfabitcoin  thanks for this information.
As you put it capturing the data would nearly impossible.
unless you were literally sat on there servers.

From reddit:

My view on the latest events at MtGox (self.Bitcoin)
poslano prije 51 minuta*, poslao il--ya
This is my picture of events around so-called Technical Issue in bitcoin protocol, which MtGox uses as a pretext for their ongoing BTC withdrawal block. Just for those who is not aware yet, this is a classical FUD. And already refuted by some core developers and Bitcoin Foundation.
So it started in 2011.
On 24 April 2011 the protocol specification was updated to specify that ASN1/DER encoding should be used for the transaction signature: https://en.bitcoin.it/wiki/Protocol_specification#Signatures
On May 15, 2011, there were some concerns raised, confirmed as a known low-priority issue by Gavin Andresen: https://bitcointalksearch.org/topic/new-attack-vector-8392
Much later this known transaction malleability issue was published in wiki on 21 January 2013: https://en.bitcoin.it/wiki/Transaction_Malleability
There is also a bit of interesting background from GMaxwell: http://www.reddit.com/r/Bitcoin/comments/1x93tf/some_irc_chatter_about_what_is_going_on_at_mtgox/cf99yac
Malleability patches were released in 2012 and 2013: Dec 22, 2012: https://github.com/bitcoin/bitcoin/commit/bffc744444c19e25c60c8df999beb83192f96a8a Aug 15, 2013: https://github.com/bitcoin/bitcoin/commit/a81cd96805ce6b65cca3a40ebbd3b2eb428abb7b Sep 21, 2012: https://github.com/bitcoin/bitcoin/commit/58bc86e37fda1aec270bccb3df6c20fbd2a6591c and probably other other.
If you are familiar with C, look in particular at the lines with text "Non-canonical signature: R value excessively padded" message and "Non-canonical signature: S value excessively padded" - that's the ASN.1/DER encoding deviations which were present in MtGox signatures and reason why some of their transactions were rejected by nodes when format rules in reference clients were tightened.
In spite of all this development activity, as of the end of January, MtGox developers still had no clue what this "Excessive padding" error is about.
This sloppy signature format implementation was the actual reason why it was so easy to exploit this (otherwise mostly hypothetical) vulnerability with MtGox exchange, but not with other exchanges. Other exchanges implement signatures properly, so it would take a lot of luck and/or resources for the hacker to intercept the transaction, modify it and propagate throughout the network faster than the original transaction. In the latest version of the reference client, malformed transactions are rejected, and only properly formed transactions are propagated through the network. So for the hacker to pull the trick, it would indeed require to "alter the transaction fast enough, for example with a direct connection to different mining pools"; but that would be not as easy to "cause the transaction hash alteration to be committed to the blockchain" as MtGox claims in their mendacious statement. It was indeed easy in their case, because the hacker had all the time he needed to replay transaction.
Also, despite false MtGox claim: "It is likely that these services will assume.. have currently no means to recognize the alternative transactions as theirs in an efficient way", other exchanges very likely don't assume, but just follow reference client and use other (efficient enough) ways to track transactions and spent outputs. MtGox assumes here that everybody else is as incompetent as they are, which is beyond my imagination.
To my knowledge (I analized https://data.mtgox.com/api/0/bitcoin_tx.php - list of "stuck" transactions published by MtGox) the oldes spent transactions which they try to re-use go as far back as 10 November 2013 (at least).
So basically since 10 of November their exchange was exploited, and they didn't even notice that. The only "flaw" in bitcoin protocols in this case are humans beings: incompetent, ignorant, complacent and dishonest.
And after all that, they decided to publish their filthy statement, blaming everybody except themselves for their own faults, and not even caring to apologise. They also want to portray themselves as heroes, who save Bitcoin from fatal flaws. Latest rumour was, that they donated 10000BTC to bitcoin foundation to push[might have misinterpreted that] pushing through a completely unnecessary patch into reference client implementation, just to prove their point.
Shame on you, MtGox.
Edit: spelling.

And further. Was there an actual case where someone claimed for TX1 and got paid twice? If so, how much did they get, 5, 10 or 20 BTC?
And MtGox crucifies their entire business operation over a (theoretical) BTC double-payment?  Does VISA kill their whole system because of one credit card fraud?

unable to login now "502 Bad Gateway"

I feel I am missing something here, so gox halted BTC withdrawals claiming that its is the protocol fault, we all agree on the bug and it has been known for a long time now, what I cant understand is how users are effected.

ok take a moment and hear me out, or in other words try to explain to me how this works:

1- I request a BTC withdraw
2- Gox hot wallet is empty
3- now 1000 user requests BTC withdrawals.
4- gox fill up the hot wallet to make it possible to withdraw or at the mean time they get enough deposits to proceed with the withdrawals.
5- the attacker is one of those users who did request a withdraw.
6- gox send TX1.
7- attacker change the TX1 to TX2
8- everyone get their Bitcoins regardless which tx is.
9- attacker claims that he didn't receive the BTC so they check their DB for TX1 and they agree on his claim and credit his account ( but again why, what about the other 999 user).
10- all the 999 user got their bitcoins and no one complains.


if we agree on the 10 steps above, then there is something fishy here, now when I see thousands of customers complaining about not getting Bitcoin withdrawals it makes me wonder how is this possible !!? because my logic tells me the 999 user shouldn't be effected, only the attacker who can claim on being "effected".

but for the last couple of weeks some people got their bitcoins when others didn't, how do we explain this ? anyone try to explain this to me ?

+1  my funds have been held hostage since jan 27  since I paid 25 percent markup to these scum and have gone down from 820 to 620 mark you are raping your cutomers ty for your understanding.

+1
Also, process withdraw NOW. We do not want any service anymore from your exchange and seize to be your customers.
After you return the funds, you can wait to fork or consensus of core devs. Dont keep our funds hostage in order to save mtgox! Fix your customized wallet code without your clients funds!

MtGox will resume bitcoin withdrawals to outside wallets once the issue outlined above has been properly addressed in a manner that will best serve our customers.

Dear Mark, What will best serve me,as your customer, is that you get your act together and find a quick workaround like all other exchanges to finally process btc withdrawals.

But am sure you'll keep saying we ain't doing nothing till bitcoin is forked!

The master problem is, no money.

Isn't it obvious? It is one of those two you mentioned.