Bitcoin is undergoing another existential crisis, as one of the largest trading exchange – Mt Gox – has told customers that it’s not letting them withdraw their cryptocurrency. It’s blaming an issue with Bitcoin’s underlying architecture, and it wants a development fix to be rolled out across the network.
It’s an announcement that has caused one of Bitcoin’s unfortunate dives in value against fiat currencies. Here’s what bitcointicker.co looks like:
That’s a lot of people selling their bitcoins, crashing the price in a very short time. To explain what’s going on, we have to deal with the concept of “transaction malleability”, and the way bitcoins can be sent with messages attached to them.
Sending bitcoins from one wallet to another relies on a user sending notice of the transaction out to the rest of the network, so that the nodes that sort and file transactions in the blockchain can verify it. A transaction’s marked as completed once it’s been verified as part of the blockchain.
So, hypothetically, let’s say the blockchain records that I have 100 bitcoins assigned to my wallet’s address. I send a message out to the blockchain that I want to send those 100 bitcoins to John Johnson’s wallet; a node on the network picks it up and confirms it, rebroadcasting it. Once the blockchain is verified by a majority of the total number of nodes, the blockchain will show that John’s wallet now has 100 bitcoins and I have none in mine.
The architecture that makes that happen is a bit more complicated than that, though, as it relies on cryptographic signatures to verify that each transaction is what it says it is – if it didn’t, then it’d be possible for anyone to spoof a transaction from someone’s else’s wallet to their own, making Bitcoin useless. That’s kind of what Mt Gox is worried about, though.
Someone who has bitcoins stored in an exchange wallet, like Mt Gox’s, can theoretically request to withdraw them at any time. That will generate something called a “transaction hash”, which is a bit like a customer order number, and is useful for keeping track of individual orders. The problem is that this part of the transaction, unlike the encrypted wallet addresses, isn’t permanent – it’s possible that someone could quickly edit the transaction data with a new, other hash, send it back out into the blockchain, and hope that their fake version gets accepted by more nodes than the real one – and, thus, becomes the permanent record in the blockchain.
That’s a major problem for Mt Gox, because the bitcoins would still end up going from their wallet to the customer’s wallet – it just wouldn’t have their transaction hash attached to it, so they’d think that it never went through. A scammer could then email Mt Gox, tell them that they never received their bitcoins, and the technician at Mt Gox would check the records, see that the transaction hash they recorded never ended up where it should have, and repeat the withdrawal. Bingo – the scammer’s doubled their bitcoins.
If that’s not clear enough, think of it like this: you have a friend who works for Royal Mail. You order some trainers online, they gets sent via your friend’s sorting office, he sticks a new tracking number on it. You get your package, sign for it, and then email the online shop claiming the trainers never arrived. They check with Royal Mail, who say that trainers were returned to sender. The shop, believing those trainers have been put back into their inventory, send them out again. Two pairs of trainers for the price of one.
This is transaction malleability, and until it’s fixed, Mt Gox isn’t letting anyone get at their bitcoins:
We believe this can be addressed by using a different hash for transaction tracking purposes. While the network will continue to use the current hash for the purpose of inclusion in each block’s Merkle Tree, the new hash’s purpose will be to track a given transaction and can be computed and indexed by hashing the exact signed string via SHA256 (in the same way transactions are currently hashed).
This new transaction hash will allow signing parties to keep track of any transaction they have signed and can easily be computed, even for past transactions.
We have discussed this solution with the Bitcoin core developers and will allow Bitcoin withdrawals again once it has been approved and standardized.
Users had been having troubles getting bitcoins out of Mt Gox since December, and while this latest announcement wasn’t unexpected, it did confirm what many had feared for a while.
For what it’s worth, transaction mealleability has been known about since at least 2011 within the core Bitcoin developer community, with its own page on the Bitcoin wiki and the subject of discussion on developer message boards. Developer Greg Maxwell, speaking to Cryptocoin News, claimed that the problem is with Mt Gox’s own poor coding, and its statement is an attempt to “spin” the issue as not their fault when “internal only changes should account for it”. Users of reddit’s Bitcoin subreddit appear to agree that Mt Gox has been complacent in not demanding proper identification for transactions.
Mt Gox’s size – it used to be the largest exchange by transaction volume until last year, but at 19 percent of total volume it’s still the third-largest – meant that an announcement that people couldn’t get their bitcoins was always going to cause something of a panic. It’s nothing like enough to threaten the overall viability of Bitcoin to its community of users, but it’s an example of the kind of problem that still happens often enough to justify calling it “volatile”.