The digital currency Bitcoin has gone through a traumatic month of February, culminating in the closure this week of Mt. Gox, once the world’s biggest Bitcoin exchange. Its CEO has resigned, and the Bitcoin market has been thrown into chaos.
The problems at Mt. Gox first surfaced on February 7th, when the Japanese company halted the withdrawal of Bitcoins, blaming a system glitch. Bitcoin values swiftly plummeted worldwide, and the Mt. Gox website was initially replaced by a simple statement that all transactions are closed for the time being "in order to protect the site and our users.” Other exchanges had some transaction problems, but recovered and have been operating normally.
Deeper Issues with Mt. Gox
In the week preceding the company’s closure, a document appeared online with the title "Crisis Strategy Draft" presentation, allegedly from within Mt. Gox. This presentation claims that 744,408 Bitcoins are missing from Mt. Gox due to malleability-related theft over a period of several years, representing almost 6% of the Bitcoins currently in circulation.
Some in the Bitcoin community claim this document is a fake. Others believe it is genuine.. Regardless of who is right, the global focus on this document helped push Mt. Gox over the brink. Its sudden closure has left depositors fearful and angry, as many investors stand to lose hundreds of thousands of dollars in now irretrievable Bitcoin holdings. Total Bitcoin losses at Mt. Gox may exceed $400 million.
Is this episode an example of a crumbling monetary system, or is it more analogous to the investment community ridding itself of Bernie Madoff? It could be at least a little bit of both – and for something that is in essence a startup currency, is there much of a difference between the two situations, since confidence will be shaken in either case?
What is Malleability-related Theft?To understand malleability, it's important to know how Bitcoin operates.
Bitcoin has no central authority; in essence, it is a huge, transparent, third party accounting ledger known as the blockchain. Transactions are registered on the blockchain, with encoded information such as the incoming and outgoing addresses for the exchange and the amount transferred.
This transaction is uniquely registered by using a mathematical procedure known as a “hash function”, producing a "hash" that contains a digital signature from the user. This digital signal requires a specific format, and malleability comes into play when alterations of this digital signal are still accepted. The malleability could be an accident, or intentional.
For a somewhat stretched analogy, imagine you withdraw money from an ATM, but you have a way to confuse the ATM into thinking you never received your money. The ATM repeats your transaction, thus the bank loses the amount of your transfer. You may get away with this for a while, but at some point a well-run bank should notice the discrepancies and establish double-check procedures.
The exchanges are in a similar position. They can't necessarily find transactions with altered digital signatures in the blockchain. The recent problems appear to be denial-of-service efforts with malleability attacks on multiple exchanges and transactions – to use the above analogy, it's like a concerted effort to hit a series of ATM's, at all of the banks, simultaneously.
A well-run exchange will have a back-end accounting system to sort out the mess; a poorly-run exchange will not and may be unable to survive these hits. It appears that Mt. Gox is in that tenuous state right now – and if the "Crisis Strategy Draft" is to be believed, Mt. Gox has been poorly run for a long time.
Cleaning up the Mess and Rebuilding ConfidenceBitcoin appears to be at least partly to blame, but their flaws appear fixable through software improvements. The verification system may be strengthened at the exchanges to further provide security. Mt. Gox may end up failing, just as banks occasionally fail.
The question here is: without a central authority, what happens if it does fail? There is no equivalent of the FDIC to provide insurance.
The other Bitcoin exchanges appear to be closing ranks, and are working on addressing these flaws while portraying Mt. Gox as just a bad actor (albeit one playing a starring role). If they successfully navigate these rough waters, it may actually strengthen Bitcoin in the long term to prove that the system can handle a fiscal crisis.
However, that's going to require a lot of PR work. This rather complex topic needs to be explained in a simple enough way that non-experts will feel confident that something of this nature will not happen again.
It also requires some sort of suitable resolution to Mt. Gox's situation – will those who lost money have any means of recovery, and are the lost Bitcoins just orphaned (inaccessible to anyone), or does somebody actually control them? Will there be a criminal investigation and, if so, who has jurisdiction?
The Bitcoin system itself is likely to be straightened out soon, but factors outside this system – the ones involving confidence in the currency – could doom Bitcoin if they are poorly addressed or not addressed at all. It's going to be an interesting few months in the virtual currency world, just as February has already been. By the way, Bitcoin value was a lofty $947 on February 4. On Mt. Gox, before its collapse, the price dropped as low as $135, but as of this writing, (February 27), they are at $558. Stay tuned..