Pages:
Author

Topic: someone fucked up and lost ALOT of money - page 3. (Read 30483 times)

legendary
Activity: 1437
Merit: 1002
https://bitmynt.no
October 29, 2011, 01:17:25 PM
#67
We're the only long running exchange that hasn't been compromised
I don't think Bitcoin Central has been compromised either, or has it?  Free software as well. :-)
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
October 29, 2011, 11:24:01 AM
#66
Ultimately these coins are gone. Since more coins have been mined since then, any work to evict the transaction from the blockchain would do more damage to miners.

Imagine this were 500000 BTC and every MtGox user were at risk of a major loss. (which would certainly hit the news and damage the community).

A feature that allowed a miner to vote out a block or a transaction would be valuable. If 50%+ did it, the error would simply vanish. Democracy at work. But it would only work if that 50% voted immediately.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
October 29, 2011, 11:16:41 AM
#65
Keep in mind in this discussion, that once you go outside the scope of isStandard(), there is really no computationally-feasible way to evaluate if a script is "invalid" like this.  Sure, you could've written error-checking to catch the case that you accidentally plugged OP_0 in between OP_HASH160 and OP_EQUALVERIFY... but there's literally an infinity of other ways you could create an invalid transaction that wouldn't be caught by that condition.

How is the client supposed to know that a non-std script is invalid?  Try every possible TxIn-script -- all 256^200 scripts less than 200 bytes?  What if he had a valid script but accidentally plugged in all 20 '0x00' bytes instead of the target hash?  Or accidentally reversed the endian of the target address before signing?  Added or truncated a byte by accident?  Hashed one too many times?   Sure, you can catch some of these if you clutter your codebase with dozens of validation checks... but there's still billions of other feasible ways to create invalid scripts that just cannot be caught no matter if you have a billion checks.

Just as an example:  what if you accidentally reversed the hash of the target address?   The target "address" is actually just a hash of a public-key and no one knows whether there even is a public key that exists to match that address.  the BE and LE version of the same address are completely indistinguishable to someone who doesn't have the public key that created it.  You only know there is a public key when someone actually supplies it to spend the TxOut.  But until that happens, it is literally impossible (without trying all 2^256 private keys) to know whether that TxOut is spendable.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
October 29, 2011, 10:46:41 AM
#64
The way I understand it, these transactions were nonstandard enough that normal miners and clients would already refuse to relay or process them (but will accept them in a mined block). And that the only way these got into a block was that he teamed up with Luke-Jr's Eligius mining pool which has been modified to explicitly allow these nonstandard transactions for a fee (or other negotiated arrangement).
sr. member
Activity: 392
Merit: 250
October 29, 2011, 10:42:40 AM
#63
Unless he was using a totally nonstandard bitcoin client AND wallet.dat

https://bitcointalksearch.org/topic/pywallet-22-manage-your-wallet-update-required-34028

Code:
Delete transactions from your wallet
Under "Delete a key from your wallet:"
Key is the hash of the transaction you want to delete (type "all" to delete them all)
Type: Transaction
donator
Activity: 1218
Merit: 1079
Gerald Davis
October 29, 2011, 10:22:36 AM
#62
If anything, create a toolkit outside the main client that tells you whether a transaction conforms to a handful of explicitly defined transaction types.  This is what mtgox should have had in place in their system (and ideally written by someone other than the person that built the code to produce their transactions).

Exactly.  Current there is very little "high level" support for BTC protocol.  That is easy to understand why since it is young and in flux but just as people don't construct TCP/IP packets by hand or contstruct binary VISA interchange packets by hand in the future nobody will with Bitcoin either.

Eventually high level libraries will emerge (.net, python, php, java, C++, etc) that encapsulate error checking, validation in a higher level, more abstract, and more developer safe manner.

Something like (C# .Net)
Code:
import BitcoinDotNet

BitcoinNetworkStream stream = new BitcoinNetworkStream()

SimpleTransaction t = new SimpleTransaction()
t.Amount = ....
t.Destination = ....
t.Sign(myWallet)

try
{
  stream.SendTransaction(t)
}
catch (InvalidDestinationException e)
{
/// oops we tried to send it somewhere invalid

}

hero member
Activity: 868
Merit: 1008
October 29, 2011, 08:57:11 AM
#61
I would be against any effort to put additional "spendability" checking into the main client.  The domain of possible transactions that are unspendable would be too large for that to be effective in any general way.  Sure, you could catch this particular form if it ever happened again, but you may as well call that rule the "mtgox screw up #214" rule...and it's highly unlikely that such a rule would ever catch a transaction in the future (because mtgox will have fixed the problem and it's unlikely that anyone else would create an unspendable transaction like this in the future).  With such rules, you are also making assumptions about the creator of the transaction that they didn't want to destroy coins.  You would also be altering what constitutes a valid transaction (and hence effectively changing the language).

If anything, create a toolkit outside the main client that tells you whether a transaction conforms to a handful of explicitly defined transaction types.  This is what mtgox should have had in place in their system (and ideally written by someone other than the person that built the code to produce their transactions).
hero member
Activity: 938
Merit: 1002
October 29, 2011, 08:40:12 AM
#60
It would be nice to be able to run a message through a validator to get some indication of _major_ screw ups.  This would not have to be part of your script language.

I don't think it's plausible to expect we could prevent screw-ups by blacklisting scripts. What are the chances that the same mistake will be made ever again? Next time it will be some other unforeseen error. And if you use heuristics for filtering, then what if there is a bug in the filter itself? I'm mostly impartial though, just not convinced about the usefulness of adding this particular mistake to the protocol specification. (I guess others wrote the very same reply.)
newbie
Activity: 47
Merit: 0
October 29, 2011, 08:37:49 AM
#59
I guess I agree with you guys now, although it doesn't feel right hoping for people to screw up so my coins can be worth more...

There is no validator.  I'm saying it would be nice if there was one for people writing their own software.  It might keep them from making mistakes.  "WARNING:  You're sending coins to a zero address.  Are you sure this is what you intended to do?"  I guess they could write their own though...
donator
Activity: 1218
Merit: 1079
Gerald Davis
October 29, 2011, 08:32:00 AM
#58
I read most of the post as it was very long.

For the most part I agree with you (I hate bloat as much as the next guy).  However, most of the examples you quoted were for things like web servers, HTML, (perhaps I'm missing one).  All of these protocols have no consequences for the entire body of people using these protocols.  If a web server in china screws up, it doesn't affect me at all.  If someone screws up with bitcoin and sends 2 million coins into the darkness, that affects us all.  That can only happen so many times before bitcoin is no longer worth anything to anyone in its current form.  It would be nice to be able to run a message through a validator to get some indication of _major_ screw ups.  This would not have to be part of your script language.

What validator?  The exchange was writing their own custom code.  The client wouldn't allow you to make this transaction.  When you are working with raw code that is the risks you take.  

If you are indicating a miner should validate all scripts that quickly becomes very difficult.  The scripting language is very complex and there are many (some not yet even implemented) permutations of possible scripts.  What happens when miners start rejecting scripts that are valid but they think aren't valid and your transactions can't find their way into the blocks.  Lastly someone may decide they want to destroy currency and retain a public record of this.  
hero member
Activity: 756
Merit: 500
October 29, 2011, 08:30:49 AM
#57
@worldinacoin

yes of course. but i dont see somthing like that. tradehill dont come over 5%


i think what will happen is -

bitcoin someone leaving the niche, than the big onlinebrokers start offering bitcointrading next to their stocks/gold etc. than mtgox is the small plattform, tradehill maybie survive far away and the other exchanges decease.

It takes time, the pioneer exchanges will normally have a head start, but the latter ones can be more innovative and catch up later on.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
October 29, 2011, 08:26:27 AM
#56
For the most part I agree with you (I hate bloat as much as the next guy).
As I understand it mtgox sent a transaction with an obviously invalid protocol message.
It's not about bloat, actually. The point is, it was not an invalid protocol message. This was perfectly allowed by the protocol. There is no reason to disallow things that look strange but are valid by the protocol, just because it looks "obviously wrong" to us.


If someone screws up with bitcoin and sends 2 million coins into the darkness, that affects us all.  That can only happen so many times before bitcoin is no longer worth anything to anyone in its current form.
Yes, it does affect us all. In fact, it makes the bitcoin you are holding worth more, not less.
k
sr. member
Activity: 451
Merit: 250
October 29, 2011, 08:14:35 AM
#55
Wasn't the idea of destroying bitcoins by spending to a provably non-redeemable address floated somewhere around here before? It was part of one proposed mechanism of migrating value to a new blockchain I think.
It seems to me that scripts such as this (sharp and pointy as they may be) should be allowed.


@julz this might have been related to what you are thinking about above:

http://bitcoin.stackexchange.com/questions/924/can-a-bitcoin-be-destroyed
newbie
Activity: 47
Merit: 0
October 29, 2011, 08:02:35 AM
#54
Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?

No, it's not a flaw. You can read the chatlog I pasted on page 2 for more information why.

I read most of the post as it was very long.

For the most part I agree with you (I hate bloat as much as the next guy).  However, most of the examples you quoted were for things like web servers, HTML, (perhaps I'm missing one).  All of these protocols have no consequences for the entire body of people using these protocols.  If a web server in china screws up, it doesn't affect me at all.  If someone screws up with bitcoin and sends 2 million coins into the darkness, that affects us all.  That can only happen so many times before bitcoin is no longer worth anything to anyone in its current form.  It would be nice to be able to run a message through a validator to get some indication of _major_ screw ups.  This would not have to be part of your script language.
legendary
Activity: 1358
Merit: 1002
October 29, 2011, 07:36:54 AM
#53
For adepts of decentralization you guys trust MtGox too much, even after all the times they fucked up... Just don't come crying when you lose your Bitcoin/USD/EUR. Until now they had the money to cover their(and others) losses, but what will happen when the fuck up is so big that they don't have the money?
And take out your donkey goggles, they are doing their job right, just letting you see what's in front of your eyes...

But whatever, people are free to lose their money any way they want. I'm out!
legendary
Activity: 1232
Merit: 1076
October 29, 2011, 07:34:31 AM
#52
Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?

No, it's not a flaw. You can read the chatlog I pasted on page 2 for more information why.
newbie
Activity: 47
Merit: 0
October 29, 2011, 07:32:40 AM
#51
Will someone please answer me a stupid question (I'm sorry as I'm not really proficient in the protocol)?  As I understand it mtgox sent a transaction with an obviously invalid protocol message.  Shouldn't messages like this be rejected by the network?  It seems like a large hole to have open, especially if bitcoin becomes very popular and more people start writing (possibly flawed) code to use it.

Or it sounds like the mainline client does validation of the protocol message.  Perhaps this could be broken out into a library that everyone could use to validate the protocol message before it was sent?
legendary
Activity: 1232
Merit: 1076
October 29, 2011, 07:19:26 AM
#50
Who would you rather trust for exchanging bitcoins?  Bitomat (all lost, saved by MtGox)?  Bitcoin7 (most lost, can get some back by revealing all possible details about your self and submitting naked photo)?  Tradehill (endorses spam, reveals your trades to the one who referred you)?

Or Intersango, never been hacked, run by bitcoin developers, been running since March 2011 and contributes back to the community. If you truly want to support the bitcoin world, then support us. We create projects through our group (Bitcoin Consultancy) which we use to fund further development on bitcoin and projects around it.

We were the ones that discovered the CSRF exploit in MtGox and other exchanges. TBH MtGox has a very poor track record when it comes to security, and they don't seem to have learnt from their lessons. We were the ones who had to respond to the media (by contacting them) when they crashed causing reporters to say bitcoin had been hacked and MtGox ignored all calls for a statement from them.

joepie, Diablo and some other people here lost money which MtGox has never paid back as a result of the CSRF exploit. They were also dishonest on multiple occasions, outright lying or covering things up. Even now they are blaming this on the bitcoin network not accepting transactions with inputs more than 255 (if you read the chatlog I pasted on page 2) which is wrong considering that a) there is no limit and b) the max number of inputs in any of their transactions was 4.

We're the only long running exchange that hasn't been compromised (formerly Britcoin) and are based in London with a development team. Our group (Bitcoin Consultancy) is also actively involved in developing other areas of bitcoin, operates other services and is working with merchants. And we charge no fees.

Our about us: https://intersango.com/about-us.php

Security: https://intersango.com/security.php

Fees: https://intersango.com/fees.php

Our development's group website: http://bitcoinconsultancy.com/

We were the ones just at SWIFT's (the messaging network used for international bank transfers) SIBOS conference on the future of banking discussing how bitcoin could be used to improve international transfers.

So we're pretty much heavily invested in bitcoin for the long term. The purpose of our group is to hire people to work full-time on furthering bitcoin. We release many of our project's source code for the community. We're also helping organise the European Bitcoin Conference.

If you appreciate our work, and wish for bitcoin to grow, then use our exchange. In return it allows us to grow our development team to push forwards and create more community projects we can contribute. It's my hope to turn this into a talent base to allow the brightest minds to prosper and develop cool technology- like Google or Apple but for specifically for bitcoin and other cryptocurrencies.


legendary
Activity: 1437
Merit: 1002
https://bitmynt.no
October 29, 2011, 06:38:58 AM
#49
It seems he's more close to LOSE the mtgox balance than run away with it.
Now you are silly.  He lost 2% of his annual BTC revenue.  That's 1% of his total revenue, only that MtGox can not exchange BTC into fiat currency (i.e. trade) themselves.  That would be against regulations in Japan.  Since the stuff which can be bought for BTC is still quite limited, MtGox lost very little of practical value to them.  The users lost nothing.

Who would you rather trust for exchanging bitcoins?  Bitomat (all lost, saved by MtGox)?  Bitcoin7 (most lost, can get some back by revealing all possible details about your self and submitting naked photo)?  Tradehill (endorses spam, reveals your trades to the one who referred you)?

Most of MtGox' coins are in an offline securely stored wallet, as was demonstrated after the crack.  It can't be lost by a simple programming error.
legendary
Activity: 1358
Merit: 1002
October 29, 2011, 06:25:33 AM
#48
i deleted my post because i cant help you.

you trust a free service a lot of coins, then wondering what happend.

but you dont trust a hard working man fighting agains powerfull enemys (banks) and taking high fees from us for that.

well do what you do, i do what i do.

Wrong answer. I trust myself, and even so I must account for those times when I get high...
I haven't lost anything in mybitcoin and I don't plan on losing anything in any exchange. But others did and will.

Also, I'm not trying to get you to lose your faith on the hard working man charging you high fees. You are free to do whatever you wish, just don't be surprised when you lose Bitcoin in some service.
Pages:
Jump to: