Pages:
Author

Topic: New research proves: MtGox bitcoins NOT stolen using transaction malleability - page 3. (Read 25294 times)

legendary
Activity: 1437
Merit: 1002
https://bitmynt.no
We just published some results about the use transaction malleability in the Bitcoin network with a special focus on MtGox:
How did you pick up the vulnerable transactions?  Those weren't relayed through the bitcoin network, just published through their API.  With signatures which were mutable into standard format.  (Which we can assume the attacker did for his own transactions.)
full member
Activity: 164
Merit: 100
It seems that hacker messed Mt Gox Off-Chain Bitcoin Balance.
member
Activity: 98
Merit: 10
Another goxxing, it never stops! Cheesy
member
Activity: 76
Merit: 10
Enemy of the State

Quote from: Conclusion
we merely observed a total of 302,000 bitcoins ever being
involved in malleability attacks. Of these, only 1,811 bitcoins were in
attacks before MtGox stopped users from withdrawing bitcoins.


My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?

no one said they were stolen from anywhere.
hero member
Activity: 686
Merit: 500

Quote from: Conclusion
we merely observed a total of 302,000 bitcoins ever being
involved in malleability attacks. Of these, only 1,811 bitcoins were in
attacks before MtGox stopped users from withdrawing bitcoins.


My question is, if only 1,811 bitcoins were attacks on Mt Gox, where are the 300,189 others stolen from?
legendary
Activity: 1540
Merit: 1000
thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.
+1
This story was shady from the start. Some kind of malleabilty that no one can comprehend... jesus it was a biggest bitcoin exchange how can they fail so miserably?

I think this is less for us and more for the morons out there who don't know anything about Bitcoin, part of the problem that MTGOX became was the fact that the media was giving them so much free advertising so of course all the new people who had never heard of Bitcoin before went there for Bitcoin trading, since they didn't know any better and didn't do research they got conned. I'm convinced now that Mark is going to prepare to run off the moment he gets his chance as all the evidence starts coming out about what he's been up to if he hasn't got a plan already, I'd be very surprised if he ends up in jail because governments just refuse to learn anything about how Bitcoin works especially since we've had our first major case of fraud with lots of victims involved.
legendary
Activity: 938
Merit: 1001
http://arxiv.org/abs/1403.6676  <--  non-obscured link

While I suspect that their conclusion is correct, I really take exception to their methodology and assumptions.  Mostly, they assume that a mutation will be visible as a double spend.  However, the reference client's behavior regarding relaying transactions with degenerate signatures changed, so a sparse sensor network would likely only see the mutated transaction instead of a pair.

I think that given bitcoin's 10 minute timeframe for rounds, and their decent connection of nodes, it is reasonable to assume that they customised clients logged the majority of such transactions.
full member
Activity: 214
Merit: 101
Is it definite that you would have received both copies of a malleable transaction on the Nodes in question?
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
sr. member
Activity: 308
Merit: 250
Jack of oh so many trades.
Some kind of malleabilty that no one can comprehend...

Although I agree with you 100% on the dubious nature of Gox's story, I have to argue one point. Many people can, and do, understand the malleability just fine. It is a real thing and was documented a long time ago.

But no, it most likely didn't cause the downfall of Gox.
sr. member
Activity: 728
Merit: 265
thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.
+1
This story was shady from the start. Some kind of malleabilty that no one can comprehend... jesus it was a biggest bitcoin exchange how can they fail so miserably?
legendary
Activity: 1204
Merit: 1002
Now this is an expert opinion that can be used in a court filing. Dr. Roger Wattenhofer is a full professor at ETH Zurich, working on distributed systems. He's published some good papers. He was at Microsoft Research for a few years, too.

It looks like the only Mt. Gox creditor who got off their butt and went to the Tokyo District Court is the guy behind "http://www.mtgoxrecovery.com/". So get this to them.
hero member
Activity: 798
Merit: 500
Time is on our side, yes it is!
thanks for sharing the info but I for one never really believed what Gox had said was even remotely true mainly because if that was the case I'd suspect there would have been more transparency after the fact.
legendary
Activity: 1652
Merit: 1007
DMD Diamond Making Money 4+ years! Join us!
Well, this is just another proof to something we already know. Mark Karpeles is a thief.
full member
Activity: 164
Merit: 100
LoL...

Mark Karpeles got Goxed for his lie  Grin
legendary
Activity: 1316
Merit: 1000
legendary
Activity: 2940
Merit: 1333
Wow -
So roughly 66k bitcoins were stolen after MtGox freeze?  Who lost that much and is still afloat?


I don't see where you're getting that number from, but even if it is correct, 66k of malleated bitcoins doesn't mean any coins were stolen. TM doesn't cause loss unless coupled with really bad software.
sr. member
Activity: 560
Merit: 250
"Trading Platform of The Future!"
Maybe this will pressure gox into finding the rest of its bitcoins? maybe?  Smiley
newbie
Activity: 52
Merit: 0
Wow -
So roughly 66k bitcoins were stolen after MtGox freeze?  Who lost that much and is still afloat?
hero member
Activity: 924
Merit: 1001
We just published some results about the use transaction malleability in the Bitcoin network with a special focus on MtGox:

Quote from: Conclusion
The transaction malleability problem is real and should be considered
when implementing Bitcoin clients.

However, while MtGox claimed to have lost 850,000 bitcoins due to malleability
attacks, we merely observed a total of 302,000 bitcoins ever being
involved in malleability attacks. Of these, only 1,811 bitcoins were in
attacks before MtGox stopped users from withdrawing bitcoins. Even more,
78.64% of these attacks were ineffective. As such, barely 386 bitcoins could
have been stolen using malleability attacks from MtGox or from other
businesses. Even if all of these attacks were targeted against MtGox,
MtGox needs to explain the whereabouts of 849,600 bitcoins.

The complete results are here: http://bit.ly/1rCqKED



Great.

Now .... what are you going to do, to get this data into the hands of someone who can actually do something about it?

Cuz posting it here isn't going to matter much.

-B-
Pages:
Jump to: