That said, this event is extremely encouraging. Not only are the security and the viability of the currency being tested, but more importantly, the communication and cooperation between the major players in the Bitcoin ecosystem are being tested. And so far, the community is kicking ass.
To me that signals that perhaps Bitcoin really is a viable currency for the long term, and that it may really be a great way to think about money and value exchange.
At its core, BitCoin is unbelievably simple: a ledger of account, no different than an Excel file, distributed across millions of computers, kept honest through offering rewards for protecting the ledger's integrity. There's really no such thing as a BitCoin, just a row in that ledger that says "1.23456", and only the holder(s) of the key for that row can send a portion of that number to a different row. Like with any form of money, any value derived from that ledger is purely a product of collective belief.
BitCoin is roughly at the place where Mosaic was in the early 90s. The real story isn't about BTC becoming the new world currency; it's a technological and sociological prototype of a new type of distributed application which has only barely begun to be explored.
Systems which use the bitcoin mechanic need a lot of adoption before they become trustworthy.
If this was two major banks and they said they had to stop withdrawals for 1-3 days to fix a software bug that's been exposed through a concerted attack, one they already knew about and could have prevented, I don't think you would be saying the same thing ...
Ultimately this might prove a footnote in the Bitcoin story, or it might be the harbinger of more trouble, who knows. But I do think it takes quite a bit of spin to think of this as somehow being encouraging or a net positive. I think if this had maybe stopped at Mt. Gox, an exchange that was universally considered a bad player, you could think of it as good overall (ignoring the fact many people would have still been screwed over). But it seems clear it's gone beyond them.
You can stop right there, as Bitcoin is nowhere near the place where it is equivalent in any way, shape, or form to "two major banks". If it was, your critique would be valid. Since, instead, it's more like a bank startup, these kinds of disruptions are expected and encouraging, because they allow third parties to see how difficulties are resolved, and how robust Bitcoin is or is becoming.
P.s. I have never owned, mined, or otherwise installed or used any software related to Bitcoins. I have no horse in this race whatsoever.
The scammer will be able to sell the same "bitcoin" over and over if they want, or set up a fake "Validate your bitcoin here" site.
The type of people that buy from the back of magazines are probably the type that would hang on to this "investment" for their grandchildren... while the scammer is long gone.
Then read the paper! :) it's not complicated and it's pretty short.
btw do you understand how the banking system works?
These poorly coded exchanges were looking for an exact hash match to pop up on the block chain, instead of looking for the deposit/address.
The actual security of the system is not really impacted at all, and the core Bitcoin clients cope fine with this. The exchanges may have put themselves at risk, but that is on them.
That's the thing I don't get. If one is going to allow non-essential changes, shouldn't one _not_ include those data in the hash? Alternatively, should one simply not allow changes, period?
I've not read the Bitcoin paper, just summaries (been too busy, and it's outside my area); perhaps there's a good reason for it.
Spending unconfirmed outputs in the presence of malleable transactions is unsafe. The reference client allows spending unconfirmed change outputs as they used to be considered safe. But if the original transaction is modified then the chain of unconfirmed transactions becomes double spent and the reference client gets confused about balances.
People are making the case (and I tend to agree) that Gox should have contacted the other exchanges in private to discuss this problem before going public with it.
There's a very good chance this widespread attack is a direct result of Gox's announcement.
Basically, the price goes up quickly when new people are attracted to bitcoin and rush to buy. When the price dips however, because so much is bought for long term speculation, the price doesn't really dip much, as no one is incentivised to sell and hold out for when it gets better.
At some point the nerve of those holding out may crack, but if you read sillysaurus2's post, it's quite clear that many will hold out indefinitely on the belief or hope it will one day recover. So in this manner the bubble can deflate slowly. (If you call 10% in a day slow).
There are no settlement dates or ways to easily move money out (especially now) so a crash is prevented.
If a crash happens it'll probably happen before people realise it, but suddenly there just won't be anyone wanting to buy coins anymore.
But even that might not happen as people already invested into bitcoin use how wealthy they feel to buy bitcoins from each other. That can cycle for a long time before people realise there isn't new money in bitcoin.
If you had bought coins at 800-1000, why would you sell now? No one likes to cement a loss.
Those with the most reason to sell right now are the early adopters, but it's not actually clear how many of those coins are actually reachable.
If you have 100 btc in an offline wallet, you will still have it tomorrow, despite whatever bugs/attacks hit the exchanges.
Imagine if your bank was hacked, many people would literally be removed of their money.
With cryptocoins, you have the advantages of keeping dollars under your mattress while still being able to spend them anywhere that accepts them.
I believe the change was made in release 0.8.6
The fix is checking all inputs/outputs rather than relying on the transaction hash.
Edit: Here is a good explanation of what this latest problem is which is different than the problem MtGox is struggling with http://www.reddit.com/r/Bitcoin/comments/1xm49o/due_to_activ...
Day two: Uhh... "Stay calm. This is just the expression of that non-issue looking like an issue. We know what we're doing."
Bitcoin has, generally, intrinsic crash protection right now. The price can't plummet if you can't find trading partners. Nobody really knows the price. The dotcom crash was from lofty to zero. As the price eats through panic sell thresholds, pants are shat. At least with commodities, people can point to the ones that went to 0 and stayed there. Since it hasn't happened with bitcoin, people can still sing the "it always bounces back" tune.
I've kicked the dead horse of stability. I've hinted at liquidity issues, but this is a grave lack of liquidity. The only thing left is any belief that there is value. If that starts to deteriorate due to the other issues, poof
Not to mention... the primary exchanges seem to produce that sort of clunky, bug-riddled system that undermines my confidence. A derivatives exchange? So, what the come-latelies are working on? They ain't even no Satoshi.
I'm new to this but maybe we need to make it easier to move money from wallet to wallet, from wallet to "hard" currencies and back, etc. Right now it's practically impossible to get verified on an exchange, get money out, paying anywhere with it, etc. You are lucky if you have a bitcoin ATM where the rate is probably not that good but at least you can get some coins without sending your passport to an unknown exchange half across the world.
Without Bitcoin reaching in the real world faster, I'm not sure what strategy to employ to give it any value in the long run, making it more volatile too...
Though I profited strangely last Saturday when ponzi.io screwed up and gave me a ~96x payback, Ponzi/Casino/etc schemes which may in a way help market BTC through ensuing media frenzy, are still mostly detrimental while they are the majority of the currency's activity.
So, maybe we need to simplify software and make them all more compatible, through exported private-keys, etc. Why do I have to pay a fee by paying myself to move my money from my computer to my cell phone, for example...
How can any store expect to be paid in Bitcoin? Does he have to wait 6 verifications before letting the client go? Should we pay when we arrive and trust the store for the change? Maybe then we can have an Escrow service, 3 key involved, to vouch for those short term transaction but then aren't we back to the banking problem?
Is anyone working on a wallet that is compatible with import/export and that grandma can use? :)
It's a non-issue in so far as it does not prevent bitcoin from working as it should if you do implement things as the original client does it, it's only an issue because it's something you might easily get wrong when implementing a new client (which apparently happened to some other developers), and it would have been avoidable - but changing the behaviour now has to be done very carefully, coordinating with all implementors of bitcoin clients, in order to make sure the fix does not cause a blockchain split, so that is what is happening.
Not to be an excuse for the consistent problems with MtGox, but everyone who is affected by the current DDoS attacks should just shut the f..k up.
The drama isn't because of bitcoin, it is because it is the first cryptocoin breaching new markets consistently. So as it treads new ground there will always be resistance.
Better to get these bugs out of the way now than in two years when market cap is much greater.
Basically the reference client allows an edge case where it allows spending an unconfirmed output if that output was generated by the wallet itself as change. This can form a chain of unconfirmed transactions. When the malleable bot modifies the original one they all become invalid. The reference client does not handle this case well, it gets balances wrong, and clogs the wallet up.
It's unfortunate that Mt Gox got a lot of heat for calling out the issue from the foundation and core developers saying that malleability was known and wasn't a big issue. In fact it is an issue due to this edge case in the reference client.
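The two client-side mistakes discussed in this thread (an exchange matching a deposit by the exact txid it was told to expect, and a wallet spending its own unconfirmed change and then miscounting when the parent is malleated) can be seen in a toy model. The code below is an added example, not code from the thread or from any Bitcoin client; its transaction format, "txid", addresses and amounts are all constructed stand-ins. It contrasts the fragile txid lookup with the deposit/address check the comments recommend, and a naive balance with one that prunes unconfirmed transactions that can no longer confirm.

```python
"""Added example (not from the thread or any Bitcoin client): a toy model of
txid malleability. A txid hashes the whole transaction, signature included,
so re-encoding a signature changes the txid without changing what is spent
or paid. The serialization below is a constructed stand-in, not Bitcoin's."""
import hashlib
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    inputs: tuple   # ((prev_txid, vout, scriptsig), ...); empty for a coinbase
    outputs: tuple  # ((address, amount), ...)

    def txid(self) -> str:
        # Like a real txid this covers the scriptSig, so a re-encoded signature changes it.
        return hashlib.sha256(json.dumps([self.inputs, self.outputs]).encode()).hexdigest()

    def normalized_id(self) -> str:
        # Covers only what is spent and what is paid; unaffected by signature encoding.
        body = [[(p, v) for p, v, _ in self.inputs], list(self.outputs)]
        return hashlib.sha256(json.dumps(body).encode()).hexdigest()


def malleate(tx: Tx) -> Tx:
    """A copy that spends and pays exactly the same but carries a re-encoded signature."""
    return Tx(tuple((p, v, sig + "/re-encoded") for p, v, sig in tx.inputs), tx.outputs)


# --- exchange side: detecting a customer's deposit ----------------------------

def deposit_seen_by_txid(expected_txid: str, confirmed: list) -> bool:
    """The fragile check: wait for the exact txid the customer reported."""
    return any(t.txid() == expected_txid for t in confirmed)


def deposit_seen_by_output(address: str, amount: int, confirmed: list) -> bool:
    """The robust check: look for the deposit itself (address and amount)."""
    return any((address, amount) in t.outputs for t in confirmed)


# --- wallet side: chains of unconfirmed change -------------------------------

def prune_conflicted(confirmed: list, unconfirmed: list) -> list:
    """Drop unconfirmed transactions that can never confirm as they stand: ones
    already confirmed under another txid, ones whose inputs name a txid that
    no longer exists anywhere, and ones whose inputs are spent by a confirmed tx."""
    confirmed_ids = {t.txid() for t in confirmed}
    confirmed_norm = {t.normalized_id() for t in confirmed}
    spent_confirmed = {(p, v) for t in confirmed for p, v, _ in t.inputs}
    alive = list(unconfirmed)
    changed = True
    while changed:  # removing one tx can orphan its children, so iterate to a fixpoint
        changed = False
        alive_ids = {t.txid() for t in alive}
        for t in alive:
            dead = (t.normalized_id() in confirmed_norm
                    or any(p not in confirmed_ids and p not in alive_ids for p, _, _ in t.inputs)
                    or any((p, v) in spent_confirmed for p, v, _ in t.inputs))
            if dead:
                alive.remove(t)
                changed = True
                break
    return alive


def balance(my_addresses: set, confirmed: list, unconfirmed: list, careful: bool) -> int:
    """Sum outputs to our addresses that nothing spends. careful=False mimics a
    wallet that keeps trusting every unconfirmed transaction it created."""
    pool = confirmed + (prune_conflicted(confirmed, unconfirmed) if careful else unconfirmed)
    spent = {(p, v) for t in pool for p, v, _ in t.inputs}
    return sum(amt for t in pool for i, (addr, amt) in enumerate(t.outputs)
               if addr in my_addresses and (t.txid(), i) not in spent)


def demo() -> dict:
    mine = {"me1", "me2", "me3"}                            # constructed wallet addresses
    coinbase = Tx((), (("me1", 10),))                       # confirmed funding output
    a = Tx(((coinbase.txid(), 0, "sigA"),), (("merchant", 3), ("me2", 7)))
    b = Tx(((a.txid(), 1, "sigB"),), (("shop", 2), ("me3", 5)))  # spends A's unconfirmed change
    a_prime = malleate(a)                                   # the version that actually confirms
    confirmed, mempool = [coinbase, a_prime], [a, b]
    return {
        "txid_changed": a.txid() != a_prime.txid(),
        "normalized_same": a.normalized_id() == a_prime.normalized_id(),
        "deposit_by_txid": deposit_seen_by_txid(a.txid(), confirmed),
        "deposit_by_output": deposit_seen_by_output("merchant", 3, confirmed),
        "naive_balance": balance(mine, confirmed, mempool, careful=False),
        "careful_balance": balance(mine, confirmed, mempool, careful=True),
    }


if __name__ == "__main__":
    print(demo())
```

In the scenario, A' confirms with a different txid than the wallet's own copy A, so B (which references A's txid) can never confirm. The naive balance counts both A's change and B's change and reports 12; the careful one prunes A as superseded and B as orphaned and reports the real 7. A wallet that wants the payment in B to go through has to re-create it spending A' instead.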
Assuming equal reach for would-be-sellers and would-be-buyers, more buyers are capable of expressing their opinion in the market than are sellers.
Is it unreasonable? No. Is there any evidence to suggest it? No.
>The first form of malleability is in the signatures themselves. Each signature has exactly one DER-encoded ASN.1 octet representation, but openssl does not enforce this, and as long as a signature isn't horribly malformed, it will be accepted. In addition for every ECDSA signature (r,s), the signature (r, -s (mod N)) is a valid signature of the same message.
> [...]I'm a bit hesitant to bake in assumptions about malleability when we have no solid idea if ECC signatures are or are not malleable on a fundamental level; if "whack-a-mole" anti-malleability is all we've got it could be ugly if a break is found.
I understand this to mean, there may be unknown ways to transform signatures, like the s sign flip you quoted. In that case there would be no way to know which representation is "canonical." Thus, malleability is either a fundamental, fatal flaw in Bitcoin, or just something Bitcoin developers need to work around.
Now, it seems even the reference implementation isn't perfect about malleability, and perhaps people could have been better about making the issue known. So there is work to be done, but it is not a "bug" that can be "fixed", at least not without upgrading the entire network, and/or risking it popping up in the future when someone applies more ECDSA signature mutation tricks. The real solution, if you want to safely fingerprint transactions, is to make your own transaction hash that is immune to malleability, like [2].
[1] http://sourceforge.net/mailarchive/message.php?msg_id=319546...
[2] https://github.com/sipa/bitcoin/commit/e7853a91cf646a6a47011...
I think it would be the first JB movie that has a chance of not being out-of-date tomorrow.
Maybe foreign government? Heck, domestic government?
Not, in general, true. You could rent thousands of botted-up consumer-grade PCs located in the United States to run your custom bitcoin client for hundreds of dollars. This particular attack doesn't require any detailed computation -- all you have to do is observe a transaction broadcast from Legitimate Node N1, perform nanoseconds of computation on it, and broadcast the resulting transaction from your Conspiring Nodes N2...N1000 faster than N1 does. Assuming you do, your altered transaction will be the one adopted by the consensus, not the original one.
The technical complexity of this attack is substantially below several levels of e.g. the Stripe CTF event, which were designed to be implemented by intermediate programmers in a few hours of play.