Pages:
Author

Topic: New Mt Gox Press Release - Feb 10 - they are claiming flaw in bitcoin protocol ! - page 16. (Read 33066 times)

full member
Activity: 140
Merit: 107
my current understanding is that bitcoin has to be upgraded. here is, as I understand, the proposal for that upgrade:
https://gist.github.com/sipa/8907691

Quote
To introduce these new rules in the network, we add both nVersion=3 blocks and nVersion=3 transactions (nVersion=2 transactions are skipped in order to keep the version numbers synchronized).

Edit: of course MtGox is to blame. seriously misleading statements from them. my apologies.
legendary
Activity: 966
Merit: 1000
now it is time to buy litecoin !
 Grin
hero member
Activity: 976
Merit: 575
Cryptophile at large
This isn't good at all. Naysayers will have a field day with this. Panic sellers probably gonna panic.

I think that's just happened Sad
sr. member
Activity: 434
Merit: 250
🤖UBEX.COM 🤖
It's 596 from 650 (BTC-e) within 10 minutes. panic selling started.
sr. member
Activity: 434
Merit: 511
Well the good news i think is:
They are not scamming everyone's money like first was assumed, lets not forget that.
I personally was hoping on good news so bitcoin can rise again, but i guess we'll have to wait till this thing settles down.
Untill then this is a good point to buy bitcoins on the lowest price if you dont have any, because im sure the prices wil rise once again!
legendary
Activity: 1734
Merit: 1015
It's a non-issue.... everything is fine with bitcoin.

Gox can just create a new "buffer"address they control, send the coins there and then send it to you. That way they just check the buffer address and its all good...
full member
Activity: 214
Merit: 100
cryptsy seems to be having allot probs but I doubt they are related
newbie
Activity: 1
Merit: 0
Everyone is panic now. Stop selling!!!! Don't be panic!!!
sr. member
Activity: 434
Merit: 250
i don't believe for a second that the problems with mt gox have anything to do with 'a glitch in the matrix'
I use several exchanges and gox has been the only one giving problems. what an utter load of sh1te.

gox should just do the right thing and close it's services, for good.
legendary
Activity: 1176
Merit: 1011
I thought it might be worth pointing out for the Bitcointalk users who hate altcoins, this kind of thing is precisely why altcoins should be encouraged if it's true.
Read their press release:

Quote from: MtGox
Note that this will also affect any other crypto-currency using the same transaction scheme as Bitcoin.
legendary
Activity: 1734
Merit: 1015
This thing has been known long enough and it's not that much of an issue. Gox probably ran out of BTC and now they want to buy them back cheap so they spread FUD.
full member
Activity: 141
Merit: 100
There are so many exchanges and wallet service providers, why only MtGox detected this so called "bug"?

Are all others idiots?
hero member
Activity: 770
Merit: 500
This explain the huge number of BTC days destroyed a couple of days ago.
newbie
Activity: 38
Merit: 0
Everything they have done is basically to swing the market. First they had their fiat bank accounts frozen, so they ran out of fiat and stopped withdrawals to hike the price up and people were paying a premium to buy there, gox would take that fiat from a purchase and buy the same coin on another exchange for 10% cheaper and pocket the profit.l. Then they limit BTC withdrawals to cause a panic, and blame it on a flaw in the protocol. Price plummets and all of the BTC is still on the exchange, everyone sells their coins and GOX buys them all with the profits from before, price is way loweer on GOX because of the surplus of BTC that was held hostage by them in the first place. This caused more people to rush to deposit fiat because for them the risk is worth it to get some coins at a much cheaper rate. All the new deposits go into their ponzi fund to pay back the months and months backlog of withdrawals they have. What a clusterfuck.
member
Activity: 77
Merit: 10
The flaw isn't so much in Bitcoin as it is in exchange-systems. Many exchanges use the tx-id to uniquely identify transactions, but as it turns out, an attacker can change the tx-id without changing the actual transaction, rebroadcast the changed transaction (effectively creating a double-spend) and if his altered transaction gets accepted into a block instead of the legit transaction, the attacker receives his coins and can complain with the exchange that he didn't. The exchange will then check their db, fetch the tx-id from it, look it up in the blockchain and not find it. So they could conclude that the transaction indeed failed and credit the account with the coins.

A simple workaround is to not use the tx-id to identify transactions on the exchange side, but the set of (amount, address, timestamp) instead. If a user complains about not receiving their withdrawal, support can look it up using these 3 variables. It takes a little bit more work from support, but it prevents this attack from succeeding.

While it'd be nice if the tx-id isn't malleable, blaming this problem on a flaw in the protocol is quite a stretch.

well explained.

too bad gox can't afford a good dev like you  Cheesy
legendary
Activity: 1260
Merit: 1008
Pieter Wuille post on btc dev mailing list a RFC about a BIP proposal to "can get rid of transaction malleability over time".
The email was sent no more the 12 hours ago. If you're interested in reading the BIP proposal you can find it here:

https://gist.github.com/sipa/8907691



hero member
Activity: 742
Merit: 500
The flaw isn't so much in Bitcoin as it is in exchange-systems. Many exchanges use the tx-id to uniquely identify transactions, but as it turns out, an attacker can change the tx-id without changing the actual transaction, rebroadcast the changed transaction (effectively creating a double-spend) and if his altered transaction gets accepted into a block instead of the legit transaction, the attacker receives his coins and can complain with the exchange that he didn't. The exchange will then check their db, fetch the tx-id from it, look it up in the blockchain and not find it. So they could conclude that the transaction indeed failed and credit the account with the coins.

A simple workaround is to not use the tx-id to identify transactions on the exchange side, but the set of (amount, address, timestamp) instead. If a user complains about not receiving their withdrawal, support can look it up using these 3 variables. It takes a little bit more work from support, but it prevents this attack from succeeding.

While it'd be nice if the tx-id isn't malleable, blaming this problem on a flaw in the protocol is quite a stretch.

+1e6

Thanks for posting this here in such a clear way!


legendary
Activity: 1554
Merit: 1222
brb keeping up with the Kardashians
This is GREAT news. It means Gox has identified the problem and is taking steps to correct it.
full member
Activity: 210
Merit: 100
So when you trade in company shares you panick-sell everything on a bad week?
I don't think so. In that situation your accountmanager tells you to buy some extra.

So companies can go bankrupt, bitcoin cannot.
Pages:
Jump to: