Topic: NECESITO QUE ME ECHEIS UN CABLE. (Read 1823 times)

[2014-02-07 05:06:11] < gmaxwell> I talked to him some a while back and offered support, an gave some
                      advice. It's my belief that the original issues are likely fixed now and there
                      is just a cluster-@#$@# of double spent transactions that needs to be sorted.
[2014-02-07 05:07:08] < gmaxwell> dizko: I believe they're all failing now because they're frequently
                      spending previously spent inputs not due to non-canonical signatures.
[2014-02-07 05:08:05] < gmaxwell> dizko: no, they had two original problems. One was that they were
                      spending immature coins, resulting in transactions which _couldn't_ be
                      confirmed for up to 100 blocks.
[2014-02-07 05:08:38] < gmaxwell> And their wallet tracking problems were such that this wasn't
                      trivially fixed.
[2014-02-07 05:09:05] < gmaxwell> the other was that they were producing signatures was invalid der 
                      encodings (excessively padded) which the bitcoin nodes stopped relaying and 
                      mining in 0.8+
[2014-02-07 05:09:22] < gmaxwell> dizko: there appears now to be a third issue
[2014-02-07 05:10:05] < gmaxwell> dizko: which is that if someone helpfully 'fixed' the R,S 
                      non-canonication by removing the excess padding and the network confirmed the 
                      transaction mtgox's software wouldn't notice and would attempt to spend the 
                      same inputs in a future transaction.
[2014-02-07 05:11:53] < gmaxwell> dizko: the reason for this is that the 'fixed' transactions had a
                      different transaction ID and thus were ignored by their software.
[2014-02-07 05:14:17] < gmaxwell> dizko: in any case, as phantomcircuit pointed out here the 
                      non-recognition of the mutated transactions may have caused doubled payments. 
[2014-02-07 05:15:11] < gmaxwell> so now, I _imagine_, there is now a huge mess to sort out which of
                      the reissued transactions were really originally confirmed and thus mistakingly
                      refunded / reissued to the customer.
[2014-02-07 05:15:27] < gmaxwell> (e.g. and they may have been robbed a bit in the process)
[2014-02-07 05:18:42] < gmaxwell> modrobert: Yes. Or at least reissued and issued.  E.g. they make a
                      payment to you that gets stuck, someone helpfully fixes the payment and helps
                      it go through, then mtgox notices the transaction is stuck— but doesn't notice
                      the fixed transaction because it has a different txid— and tries it again
                      using different inputs. Perhaps both go through.
[2014-02-07 05:19:17] < gmaxwell> Then you have the software thinking that the original coins the 
                      first transaction spend were unspent, and it tries to use them on someone elses
                      transaction— and so that one gets stuck too.
[2014-02-07 05:20:39] < gmaxwell> This mostly stems from a minor design flaw in the Bitcoin protocol
                      that we've been slowly removing— that Bitcoin transactions can be mutated by
                      third parties to change their TXIDs— (it's difficult to remove since wallets
                      must change their signing behavior)... plus mtgox's custom wallet software
                      failing to handle the bad things that the design flaw results in. 
[2014-02-07 05:21:24] < gmaxwell> modrobert: right but there are _other_ non-stuck transactions which
                      spent the coins that the stuck transactions were trying to spend. Sorry, it's a
                      bit difficult to explain this to you because you've likely been misinformed
                      about how Bitcoin works under the hood.
[2014-02-07 05:23:12] < gmaxwell> oakpacific: nah, the nature of the bug was that it would only be
                      eronious some percentage of the time. The problem was that they were making the 
                      signatures fixed length (e.g. always 34 bytes or whatever) and sometimes the 
                      numbers in the signature were smaller and so the signature should have been
                      smaller.
[2014-02-07 05:27:21] < gmaxwell> modrobert: so mtgox has some software problems due to not 
                      accomidating a surprising design error in bitcoin, where they've lost track of
                      which coins of theirs are already spent or not, and they keep spending them
                      over again.
[2014-02-07 05:27:46] < gmaxwell> (the design error in bitcoin being that a third party can change
                      the txid of your own transactions)
[2014-02-07 05:28:18] < dizko> gmaxwell: shouldnt they just export their private keys and import them
                      into a working wallet?  they can stop withdrawals for the weekend and come back
                      with clean outputs to spend
[2014-02-07 05:29:12] < gmaxwell> dizko: maybe they're doing that now, with their fantastic
                      communication skills you wouldn't know! :)  they also have to make sure they
                      don't let anyone withdraw funds they already got.
[2014-02-07 05:29:48] < gmaxwell> dignork: https://en.bitcoin.it/wiki/Transaction_Malleability   (I  
                      haven't (recently) reviewd that page, so I can't vouch for its accuracy on the 
                      details)
[2014-02-07 05:31:10] < gmaxwell> Magicaltux used to talk here a lot but I think he made problems for 
                      himself in doing so. e.g. speaking prematurely or on speculation.  It's
                      especially hard to communicate when you have to contend with regulators trying
                      to shut you down and lawsuits and such— anything you say could be prejudicial
                      to these interests.
[2014-02-07 05:32:44] < gmaxwell> I have gotten the impression that a lot of the gnarly core
                      technical stuff is being done by magicaltux personally and that he simply
                      doesn't have the bandwidth for that on top of the legal and regulatory matters,
                      especially at gox's current siz.e
[2014-02-07 05:32:45] < drenllateno> "gmaxwell  (the design error in bitcoin being that a third party
                      can change the txid of your own transactions)" Can this be changed or fixed?
[2014-02-07 05:34:11] < gmaxwell> drenllateno: we're fixing it, but it will take years to fix
                      completely because all sigining software must be updated.  The first concrete
                      step towards this was forbidding excessively padded transactions in bitcoin
                      0.8. Because mtgox was still producing these transactions some times this
                      contributed to their initial issues, highlighting how hard and dangerous fixing
                      this stuff is.

[…]

[2014-02-07 06:43:39] < gmaxwell> 20:29 < gmaxwell> dizko: maybe they're doing that now, with their
                      fantastic communication skills you wouldn't know! :)   <<  There we go:
                      https://www.mtgox.com/press_release_20140207.html