Pardon my naivety, I don't follow much Bitcoin news except for what I read here in passing. What happened to Mt Gox? Having trouble finding unbiased news on the subject
MtGox had plenty of problems before their php hot wallet was emptied like multiple civil suits, their US accounts being frozen with millions seized, and their Dwolla account was also seized full of funds.
And of course all that downtime for denial of service attacks which was their own fault. MagicalTux slammed BlackLotus, Prolexic and Cloudflare as garbage before somebody pointed out they left a bunch of open ports which is why they were still getting DDoS'd. That whole exchange is a joke from day 1.
And then MtGox blamed their own bug on the open source developers calling the actual protocol a bug. (Although malleable transactions were a pretty stupid idea.)
Even if transactions were not malleable, or if you use unchangeable signatures, you would still hit a race condition using them like Mt. Gox does.
The proper way to resend a transaction is to re-use an input which was used in the original transaction. It does not need to be all the same inputs, just at least one. This way it is not possible for the two transactions to both succeed. If the original transaction succeeds then the second will be rejected as a double spend.
In general Mt. Gox's software appears to not be paying attention to little details about inputs. For a while now if a miner sends the block find award to their Mt. Gox address then Mt. Gox will use the inputs resulting from that block find before the inputs are valid. This causes any transaction with said input to be ignored. The proper solution is to wait the ~100 confirms before using the new btc.
Note that this is a separate problem from the duplicated transactions. The point is: Mt. Gox is not tracking their bitcoin at the correct granularity. They appear to have written the software like we might use the bitcoin rpc api, without paying close attention to the details.
Well, there are many sources of malleability which could be eliminated. Certainly I would consider each of those a bug. However it is not yet known whether malleability can be eliminated entirely (e.g. algebraic manipulations of ECDSA signatures).
It’s an attack that lets someone change the unique ID of a bitcoin transaction before it is confirmed on the bitcoin network. The change makes it possible for someone to pretend that a transaction didn’t happen, if all the right conditions are in place.
</quote>
This is a fatal design flaw in any TPS system. From any sound accounting principles point of view, no journal entry is to be manipulated after insertion - only through compensating transactions (referencing the original).
To be clear here: when broadcasting your transaction to the network, somebody can reissue your transaction with a different ID, but they cannot change the inputs and outputs.
Why not introduce some sort of a 2-phase commit with the original transaction and the newly inserted one on the block-chain? So, before the block-chain transaction is committed, check the two transaction id hashes, if they are different for the request, fail the transaction.
Edit: Of course, the eavesdropper could just as well pass the expected hash back to the originator anyways. :-( Hmmm
That's not necessary. A transaction with a modified id is not a problem unless you falsely rely on the id for payment verification instead of tracking the inputs and outputs by a custom hash.
The biggest flaw here is probably the name "transaction id", because it suggests that a transaction can only have one valid id. The normalized id fixes this issue for most transaction types.
Not the same thing in common usage. Most people use "bug" to refer to unintended behavior. Wikipedia also includes "incorrect behavior" in its definition, but that's extremely broad, since "incorrect" could be used to describe anything from an underperforming call to action on a landing page to creating software in the wrong market (e.g. "My software had a bug: I created a food delivery app when I should have created a social network app").
In fact, it's hard to even call this a flaw in design, because your intentions and hopes for Bitcoin might be very different than those of the Bitcoin developers.
So people with money frozen by MtGox are w/o recourse while the funds crash? Yikes...
Kind of reminds me of that online poker company that got in trouble with the law and people were trading "[name of company, I forgot] dollars" for below value in an attempt to recoup some of their funds.
Poker Stars, Full Tilt Poker, and Absolute Poker/Ultimate Bet were the 3 affected by what is known as "black friday" in the poker community. Poker Stars paid back players relatively quickly so I'm not sure anyone sold any of their frozen assets on that site. For Absolute Poker, the exchange rate began at 50 cents on the dollar and plummeted quickly from there all the way down to 1 cent on the dollar. For Full Tilt, the exchange rate started higher but also eventually went as low as 1 cent on the dollar. 14 months after black friday, Poker Stars bought Full Tilt Poker and has since returned all funds owed to Full Tilt players. Ultimate Bet still has not paid any players back and likely never will.
Fun story: I was a professional online poker player when black friday happened. And I just happened to be in Guatemala, on my honeymoon. Prior to going on my honeymoon, I had experienced the worst downswing in my career and all we had left (about 20k) was now frozen in my Poker Stars account. When we returned home, we didn't have enough to make the next month's mortgage payment. What we did have was about 1k in cash from our wedding gifts. The night after we got back, I took that 1k to the local casino and played in the highest cash game I could buy into. It was high risk but I didn't have time to grind it out at lower stakes. Luckily I went on an amazing heater, ran the 1k up to 10k and that was enough to last us until Poker Stars unfroze my account.
"The night after we got back, I took that 1k to the local casino and played in the highest cash game I could buy into. It was high risk but I didn't have time to grind it out at lower stakes. Luckily I went on an amazing heater, ran the 1k up to 10k and that was enough to last us until Poker Stars unfroze my account."
That's a fantastic story my friend. It took some luck but also a lot of guts and self confidence to do that. Glad you managed it.
> That's a fantastic story my friend. It took some luck but also a lot of guts and self confidence to do that. Glad you managed it.
Story is fantastic, but I'm not glad he did it. I would like it much more if he understood that gambling is a zero sum game except for gambling companies, and stopped playing it after learning a lesson.
I'm well aware that poker is a zero sum game, at least as far as the exchange of money is concerned. That being said, that doesn't mean that playing professionally provides no value to society. As with any game or sport, there's a certain entertainment value provided to those that play as well as those that watch. Even those players that never make it on tv help to provide the foundation for the ecosystem needed to provide the entertainment on a global level, in the same manner that minor league sporting athletes help support the majors.
All that being said, the entire reason I was devoting time and effort to my side projects was the belief that I could derive more meaning from life doing something other than poker. I was already trying to transition to something new. Black Friday just gave me a giant kick in the ass.
Also, poker is not gambling, at least not the way I play.
I understand the spirit of what you're saying. Typically risking your entire bankroll is a bad move because you're risking more than you can afford to lose. I'd argue that, in this instance, that wasn't the case. If anything, I was on a "free roll" of sorts. Winning that night would significantly improve my situation (allow me to pay my bills) where losing would not significantly worsen my situation - I'd still be screwed. There just wasn't much difference between having 1k and having 0 and I didn't have enough time to build slowly.
Well, in that case I can only congratulate you for getting rid of the poker. I'm glad that you had a rational approach and kept kalm that allowed you way out.
And about poker being not gambling, well I don't agree. However smart you play, as much as you count on the statistics, in the end of the day, there's still luck involved. Even if it were only pure skill game, you can't always know skill level of your opponents :)
It sounds like you have a very loose definition of what gambling is, going so far as to suggest that placing wagers on chess would be gambling because you might not be certain of your opponent's skill level, and thus cannot predict the outcome. Most definitions of gambling would reject that as an identifying characteristic is that the game be a game of chance. That being said, you might find it interesting to know that professional online poker players usually have a LOT of information about their opponents - usually more than enough to gauge their skill level. There are sites that mine every hand ever played online and then programs that compile that data into useful information that is then displayed beside each player's icon while you play. We know each player's win/lose percentage, how aggressive or passive they are, how likely they are to bluff, fold to a bluff, ect... In addition there are programs that help professionals find the best tables to play at - not only where the opponents are the weakest, but where they are the weakest against your particular style of play. Luck is minimized as much as possible. The true minimizer of luck, however, is volume. I've literally played million of hands of poker. Out of 7 years of play, I've had plenty of losing days, but only a handful of losing months, and never any losing years.
As for whether poker is a game of chance, I would argue that the level of skill involved trumps the level of chance and thus doesn't qualify. A good poker player is much like a casino. On any given bet they could lose but in the long term they never do because they always have an edge on their opponents.
But more importantly, there's luck involved in almost everything you do, and you can almost never predict with certainty the outcome of your actions. Should we seek to avoid all luck in life, or perhaps only when money is involved? That would mean we could no longer make investments in anything. Even putting your money in a savings account has, perhaps not luck, but at least a degree of risk involved. There are some things I would never risk in life but money isn't one of those things. Money is just a means to an end.
At the end of each day, yes, luck is a big factor. At the end of a career, statistical probabilities remain supreme, and you'll find that the hand you're supposed to play 60% of the time will win about 60% of the time.
You're not wrong to be critical of the OP for gambling with his lunch money, but at the same time, it's wrong to conflate statistics with luck. If "the way he plays" is "by the numbers", then luck really isn't a factor. Sure, it may bear on any given hand, but in a long enough game, luck is all but eliminated as being relevant.
I agree entirely with everything other than the lunch money comment. Having 1k was no better to me than having 0 - in either case, I wouldn't have enough to pay my bills - so I wasn't really risking anything significant. Really, I only stood to benefit by taking the risk. If I had enough time I would have rebuilt my bankroll slowly but I simply didn't have enough time.
Why do people insist on telling us that gambling is a zero-sum game, in an attempt to sound wise and knowledgeable? Do you really believe the are people who think that a poker game magically creates new money for everyone?
> people insist on telling us that gambling is a zero-sum game
people who insist on saying 'zero-sum' is really just passive-aggressively saying that the person indulging on said activity should've spent their time on other non-zero sum activity.
When the payoff for not hitting a certain monetary threshold is extremely negative and out of proportion to the amount of money in question (lose your wife/house/family/life) that can actually change that calculus, and taking a losing bet is your best move in the absence of other options.
There's something "romantic" about the whole thing. Sometimes we have to do things that are irrational to experience life. It's sort of like climbing Everest. It makes no sense and still quite dangerous but people do it to satisfy some irrational yearning.
The irrationality and the circumstances of his story are what makes it all so beautiful.
> 14 months after black friday, Poker Stars bought Full Tilt Poker and has since returned all funds owed to Full Tilt players.
Not totally correct. As part of the deal, Pokerstars paid out balances for all non-U.S. Full Tilt players. Players from the U.S. are still waiting for their money, which will be in the form of remittance through the DOJ. The latest news is that those payments will begin soon (nearly 3 years after "Black Friday").
Ah. I knew the date to file your claim with the DOJ had already passed so I assumed (incorrectly it seems) that the refunds had already been processed. Thanks for the correction!
I started coding professionally as well. I had some experience before Black Friday. I had been working on a few side projects (in Python) for a couple of years. I augmented that by attending the App Academy, which at the time was teaching Objective C.
There is some fear that funds may have been lost on a large scale, due to this bug, and that Mt Gox simply won't be able to make good on their accounts. Some have suggested that Gox is buying BTC at the current deflated price to try to cover the gap. All of this is hearsay, and I don't know how much of it I would believe. It's difficult to take the Gox folks at their word, however, given their reticence about providing details of what they're up to, and the slowness of a return to normalcy.
I don't understand how that works. I had $1000 in my account, say, and it was worth 1 BTC. Now it's worth 10. Isn't that much more expensive for Gox to return?
The issue at hand is that Gox has allegedly lost BTC due to double-payouts as a result of the malleable transaction. So if the price of BTC on Gox is super low, Gox could decide that it's better to change the ledger such that instead of 10 BTC a person has $1000, instead of having to buy 10 BTC at the market price (~$10 000) and use that to reimburse the person.
(Granted, considering how much trouble they were having before with USD being frozen, I can't imagine that this is a feasible move for Gox at the moment.)
You aren't buying directly from Gox, it's an exchange. You can buy 10x more bitcoins with your money, but you're buying from people who have lost confidence in the exchange and believe they are more likely to get their USD out than their bitcoins.
MtGox should be full reserve, that is, they should be holding 100% of all user's bitcoins and fiat deposits, only skimming off the exchange fees.
Sure, but for people who had 100BTC in their Gox account that was worth $100000 and is now worth $10000 that's much cheaper for Gox to return. If the balances in Gox accounts in BTC are higher than the balances in $, and/or most of Gox's own assets are in $, then it's in their interests for the BTC price to be lower.
long story short, they halted customers from withdrawing fund until they 'sort out their technical and security problems'. The longer the problem go unfixed, less likely customers would be able to withdraw at all, so price crashed 85%.
Note that only the MtGox price crashed that hard, other exchanges offer much more bucks for the coins. But, since you can't withdraw in btc, it's no use buying them cheap at MtGox because you can't sell them elsewhere. At least for now, if we should believe them.
I'd be hoping for the safety of a prison cell if I were Karpeles. I'd imagine the security situation is very bad for them right now. It seems like the BTC are there, though, especially if Gox was following even rudimentary security procedures...
BitCoin just got very serious and much less fun. I guess that's what happens when it suddenly accounts for real, actual money and real actual livelihoods. I sincerely hope everyone gets through safely.
I use CoinBase which (seems like it) is slightly more reputable.
Edit: Madoff was much more. Still, this would be significant.
If those BTC are gone, this is either the largest-scale loss of money in history or the largest scale theft of money, dwarfing even Madoff.
12,437,700 bitcoins have been mined, with a market cap today of around $7.4B [1]. Madoff scammed investors to the tune of around $50B [2], so even if MtGox owned every bitcoin ever mined, they would have a bit of catching up to do.
The final tally of Madoff's scam was $57 billion, but that number is based off the fictional account balances, including both fictional profits and reinvestments of fictional profits.
Apparently about $36 billion was paid in, and $18 billion paid out, and about $10 billion recovered, leaving about $8 billion(!) "missing". All the numbers are still bigger than both BTC and Gox, though.
Although, didn't the US literally lose something like $10 billion in cash in Iraq/Afghanistan?
Assuming i take proper security precautions like 2 factor auth I don't see why it's any more risky than any other cloud service I use. CoinBase is at least backed by people who have a record of knowing what they are doing...
It's a horrible idea to keep unencrypted copies of a wallet on any remote server. Or encrypted copies that anyone other than yourself is capable of accessing. It is idiotic to keep coins in a wallet that has been created or been under the control of someone other than yourself. And 2FA is meaningless to any attacker with an exploit.
CoinBase bills itself as a digital wallet before it bills itself as an an exchange. They are at least domestically based which gives me some legal recourse in the event that they do lose my coins.
1) Does CoinBase have an interest in keeping my BitCoin's safe?
They do.
2) Is it competent to keep my BitCoins safe?
They seem about 100% more competent than Mt. Gox, which isn't saying much, but unlike Gox I actually believe CoinBase has had its cold storage audited, especially by its rather well-known backers who almost certainly do not want to lose prestige to a massive BitCoin heist/loss...
3) If I keep my BitCoins on my home machine will they will be
a) harder to access from anywhere I wish to access them and
b) equally susceptible to being lost?
Yes, and yes.
I've seen too many nightmares of people losing their private keys to believe that I'm fundmentally more capable at keeping my BitCoins safe than CoinBase is.
It's not a scheme. And I would advise anyone who asked to make up their own mind about where to store it. If they feel confident that they can 100% keep their wallets safe better than CoinBase can, then absolutely, yes, they should keep it on their home machine.
The promise of BitCoin is that it functions like cash, with all the advantages of electronic payments. If I can't bring my cash with me everywhere, then yes, it does fundamentally limit its utility to me.
BitCoin is just like any other money: the base system is based on distrust but for it to be mainstream an ecosystem of trust must be built around it. If we can't sort out the difference between competent BitCoin institutions and incompetent ones then we are in a world of trouble.
"BitCoin is just like any other money: the base system is based on distrust but for it to be mainstream an ecosystem of trust must be built around it."
Speaking of ecosystem, I noticed that FDIC insurance suspiciously missing.
Basically the entire concept of a Bitcoin wallet is fundamentally flawed from a security perspective. You're one compromised secret away from losing it.
Theoretically a 'good' Bitcoin exchange would have insurance and multi-factor auth, and some complicated internal crypto scheme to minimize the scope of breaches. I can't imagine any of the current exchanges are that advanced yet.
"some complicated internal crypto scheme to minimize the scope of breaches"
Any half-decent online wallet or exchange keeps the vast majority (typically ~95%) of their funds in "cold storage", usually with an n-of-m encryption scheme, which will minimize the scope of breaches, with an occasional inconvenience when withdrawals exceed projections before they can pull funds from cold storage.
My main problem is that I don't see a satisfactory way for me as an individual to safeguard a wallet.
Cold storage is an interesting concept for an exchange, but it still seems fundamentally inferior to normal banking's procedures for undoing fraudulent transactions. N-of-m encryption schemes are nice, but they only really make sense if you have each of the keys in a different hardware crypto device. Even then, in practice I suspect all of the exchanges are set up such that 95% of their cold storage is accessible via machines that are connected to the public Internet. (I'd be interested in independent audits that show otherwise.)
Even a cursory glance at the Libertarianism page on Wikipedia would've shown you that not all libertarians are anti-State police. But I disagree about your criticism even against those that are.
Playing Devil's advocate, if the Mafia took control of your city, and forced you to pay 20% of everything you made (or be taken from your home and family), but offered to "take care" of any other criminals that might bother you, would it be hypocritical of you to not want to get robbed twice, and therefore use the services that you already had been forced to pay for?
When you live in a system that is forced upon you, it's not hypocritical to use the benefits of that system, since you're forced to withstand its drawbacks.
Coinbase is not actually an exchange, and in fact markets themselves as a wallet:
"Coinbase is an international digital wallet that allows you
to securely buy, use, and accept bitcoin currency"
It really comes down to whether you trust Coinbase (equivalent of a bank, albeit a startup bank) or yourself (equivalent of putting cash in your mattress) to securely store your money.
It's not really anything like putting cash in your mattress. With Bitcoin, you can even store it in your brain, not to mention any place where you can store a piece of paper or a string of digits.
You can even trust a regular bank, by putting the key in their safe. And if it's encrypted, you don't even need to trust them to not abuse it.
And using something like ssss[1], you could also store it in a lot of places at once, without any single one having enough info to use your coins.
Ok, it's like keeping cash in your mattress, safe, safety deposit box, wallet, personal vault, whatever.
The point is it's your responsibility to secure it, and if you think you can do that properly then great. I can do it, but I don't think it's easy enough that most "normal" people can do it properly yet.
You being responsible for the security of your assets is the price you pay for having total control and ownership, just like with everything else. Putting money in the bank or PayPal reduces the risk of theft but increases the risk of bail-ins and account freeze. There is always a tradeoff.
Bitcoin offers a lot of security mechanism that are not available with traditional asserts, like m-of-n-keys etc. Insured online wallets will become available as well.
Maybe the coins were there before, but I expect once the news broke out most people did the reasonable thing and bought bitcoins for all the cash that was stuck in mtgox after a day or two. The price was guaranteed to go down in the short term and I woundn't be surprised if mtgox needed 2-3 times more funds now then before closing.
I'm not sure there's any conclusion to be drawn, this doesn't really offer any additional information outside of people pressuring them to resign.
As far as anybody can tell they haven't fixed their software bugs, Gregory Maxwell wrote about that yesterday[0]. The gist is that they haven't fixed incredibly easy bugs, and are still spending unconfirmed transactions that they were warned about months ago (in this case not withdrawals, just automated housekeeping transactions).
I'm on the fence weather they will reopen their own withdrawls or not, they don't seem to be in too much of a hurry. From them moving to a virtual office[1][2] it sounds like they were threatened or some other physical incident arose that made it necessary for them to mask their location. We probably won't ever know about that, but it's not a long stretch to imagine somebody with a lot of money there could do something stupid.
> From them moving to a virtual office it sounds like they were threatened or some other incident arose that made it necessary for them to mask their location.
There have to be some colourful people with very large deposits at Mt. Gox.
You can assume Mt. Gox handled this poorly and it reflects similarly on the entire community. Whether it was by conscious choice or compelled choice matters not. I appreciate they were able to take the honorable route of excusing themselves from the table.
Past that, we can't assume much about the situation until they tell us what the status is. Hopefully it'll resolve this week and we can all move on from it. Lessons learned.
It is anyone's guess. The MtGox developers have been far from transparent about their current roadblocks. The MtGox BTC price will continue to fall the longer this charade continues. The other exchanges will likely rebound once MtGox is out of the press. MtGox has deviated too much to be relevant in the fast pace of Bitcoin trading. No rational consumer is going to trust them going forward.
Could this be a plan to drive down the BTC price on MtGox, let the MtGox admins buy out their entire supply at bargain prices and then they can manually transfer their coins out? They might be able to make enough profit there to cover the losses from the hack, depending on how much they lost.
I don't have funds in MtGox, but I really wish they could at least make everyone whole using profits(that hopefully were eventually moved into fiat) before shutting down. I'm mildly impacted in that my day-trading has been stalled since MtGox drama has prevented the monthly'ish high swings of coin prices. But I know that's nothing compared to funds mtgox account holders stand to lose in this. However, I'm not sure I have the same sympathy for these folks[1].
The sooner they fade back into obscurity, the sooner our investments aren't at risk from their opaque operations, unless you're reading this and you have coins in Mt. Gox in which case, you're familiar with the game of Sorry!
Although you will read people saying don't draw that conclusion with links to evidence and a great case, historically f-ups like this in any finance/money related industry do not result in "everyone getting their money back". I hope you all do, but the odds are not in your favor.
Does anyone with a lot of knowledge about this have any idea on whether or not Mt. Gox will return? I've got a small amount of BTC in there (so small that it isn't an issue to lose). However, I'd prefer to move it to another exchange than just punt it.
Mt Gox resigned the board seat Karpeles currently holds. Karpeles is still a founding member of the foundation, and Mt Gox is still a gold sponsor of the foundation.
I would suggest not "storing" any coins in any exchange. Isn't it kinda missing the point of cryptocurrency if you're just trading your FDIC bank with one you probably should trust even less?
I tried to withdraw at the start of January. Their site says it should take 4 weeks. It's been almost 2 months and I still haven't gotten it. Not that I'm surprised or anything, but I wouldn't expect to be able to withdraw any time soon.
