MtGox, a Bitcoin exchange that used to have over 90 market share in the industry and still remains one of the top three Bitcoin exchanges today, announced on Friday that they would be halting BTC withdrawals as a result of unspecified internal technical issues, and promised that they would have an update by Monday. The Bitcoin price dropped 10 partly as a result of the news, and conspiracy theories abounded about what was going on inside.
One Bitcoin user travelled from Australia to hold a protest in front of the MtGox offices, and even had a conversation with MtGox CEO Mark Karpeles – the details of which he published in his post on Reddit.
Today, MtGox announced that the exchange would not be re-opening withdrawals and released a long press release, explaining their reasons why.
The news is only the latest in a nearly year-long series of shocks to hit the once seemingly unassailable exchange. In April, MtGox was forced to shut down for over a day after the platform’s software was unable to handle the large volume of trades after the Bitcoin price crashed from over $200 to about $60. In May, MtGox was sued by Coinlab, lost its Dwolla account and had over $3 million of its funds seized by FinCEN. In June, the exchange suspended USD withdrawals for two weeks as a result of banking issues in Japan, and that was when the exchange began to get into trouble. Withdrawals were resumed two weeks later, but it became very difficult for users to get their money out with some withdrawals taking weeks or even months.
The Bitcoin price on MtGox began to be consistently 10 higher than on Bitstamp after that point – not because a Bitcoin on MtGox is worth more, but because a dollar on MtGox was worth less, and some people even became concerned that not every dollar deposited by the exchange had any backing at all.
The above status quo would last for the next seven months, and at the end of January the Bitcoin price on MtGox went up to 25 higher than the price on Bitstamp – or rather, the value of a dollar on MtGox was worth 20 less than a dollar in the banking system.
In the last five days, however, there was a radical shift: the price on MtGox switched to being 5 lower than Bitstamp. The reason is not that MtGox fixed its withdrawal issues; dollars on MtGox are still worth 20 less than dollars on BitStamp. Rather, now that BTC and USD are both unwithdrawable from the exchange, BTC on MtGox are also worth 20 less.
This is not a mere conjecture; it is actual fact, as shown by a Bitcointalk thread with people offering their MtGox BTC for real BTC at a 25 discount.
So what is the problem with MtGox today?
Essentially, the root of the problem lies in a concept called “transaction malleability”. In order to understand the root of the problem, we must first understand two key concepts.
First of all, Bitcoin is transaction output-based, not account-based. For example, if A sends transaction X transferring 10 BTC to B, and then B makes a transaction Y sending those same 10 BTC to C, transaction Y would cite the output of transaction X as the source of its funds. The way that Y “cites” X is by including the “transaction ID” of X. The TXID of a transaction is based on the hash of the transaction; that is, as soon as one constructs a transaction, one can calculate what its index will be by applying a mathematical function to it, and different transactions will end up having different TXIDs.
Second, because of a flawed implementation in the way Bitcoin verifies transaction signatures, there is a way to take a transaction and add leading zeroes to the values in the transaction, changing the representation without changing the meaning, to produce a different transaction with a different TXID that has the same effect. Note that this is not double-spending; the new transaction will have the same outputs and the same inputs as the old transaction, and the only material difference between the two is the TXID.
Also, importantly, unlike double-spending you do not need to be the creator of the original transaction to have the second transaction; potentially anyone’s transaction can be spoofed.
The bug that MtGox faced is as follows. First, user A requests a withdrawal from MtGox, and waits for MtGox to send the transaction, say
T1 with TXID
H1. Then, A adds a leading zero to
T1 to make the equivalent, but different, transaction
T2 with TXID
H2. A then quickly pushes
T2 to as many mining pools as possible, hoping that
T2 would get included. Meanwhile, MtGox is watching the blockchain to see if a transaction with TXID
H1 gets included; of course, no such transaction ever does because
T2 gets in instead. Then, MtGox ends up mistakenly thinking that the withdrawal never got through, and sends the bitcoins again to the withdrawer.
From the press release, it might easily be thought that the bug is a new and unexpected vulnerability in Bitcoin, and the price dropped by roughly 20 as a result of the news. However, the price has since regained nearly all of the drop, and for good reason: the bug is not a fatal new Bitcoin bug at all.
This counterintuitive property of Bitcoin transactions has been known since 2011, and most Bitcoin wallets already deal with it by watching for any transaction spending the outputs of certain previous transactions, rather than watching for a transaction with a specific ID. MtGox, with its custom Bitcoin implementation, does not. The problem is thus entirely a result of programming failures on MtGox’s part.
For MtGox, things are not looking good. While the price on Bitstamp is now back up to $680 after the drop from $700 to $530, the price on MtGox has only recovered to $612, an entire 10% below the price on Bitstamp, a marked change from the 10% above Bitstamp that the exchange had been maintaining for the seven months before.
Will MtGox be able to pull its feet back together after this incident and reclaim its glory as one of the core institutions of the Bitcoin economy? We’ll just have to wait and see to find out.
Vitalik Buterin is a co-founder of Bitcoin Magazine who has been involved in the Bitcoin community since 2011, and has contributed to Bitcoin both as a writer and the developer of a fork of bitcoinjs-lib, pybitcointools and multisig.info, as well as one of the developers behind Egora. Now, Vitalik's primary job is as the main developer of Ethereum, a project which intends to create a next-generation smart contract and decentralized application platform that allows people to create any kind of decentralized application on top of a blockchain that can be imagined.