Return to site

The Non-Expert's Guide to the Mt. Gox Fiasco

I’ve had a number of friends and acquaintances contact me asking what exactly has been going on with Mt. Gox and its purported insolvency, asking some variation of, “What’s all this hot wallet cold storage transaction malleability business?”I don’t pretend to have any insider information on the topic, but hopefully can provide a comprehensible explanation of what has happened in the past twenty-four hours.

First, a bit of context:

Created in 2010, Mt. Gox is (was?) based in Japan and led by CEO Mark Karpeles. It started out as one of the earliest and most respected Bitcoin exchanges, and quickly grew to be the largest. Since then, it has lost a significant degree of trust. Mt Gox has had issues with withdraws, crashes etc in the past, and most recently declared that transaction malleability, “a bug in bitcoin”, was forcing them to suspend withdrawals. Mt Gox bottomed out yesterday with the news that it appears to have lost over seven hundred thousand bitcoins, most of which were customer funds. Mt. Gox is currently closed for trading, and it is unclear if and when it will reopen.  A crisis strategy document attributed the  bitcoins’ disappearance from their location in cold storage to a leak in the hot wallet.

What’s transaction malleability?

Whenever a bitcoin transaction occurs, it is recorded in the public ledger, which is a list of all bitcoin transactions that have ever taken place. Each of these is identified by a transaction ID (TXID). At a high level, transaction malleability describes the fact that signed transactions can be altered slightly in ways that end up changing the TXID, without invalidating the signature. The Bitcoin community has know about this since 2011 and there are legitimate reasons for which transactions could need to be modified, so it’s not necessarily a problem. Where it did become a problem, however, was where Mt. Gox was using TXIDs (which, to reiterate, are known to be modifiable) as the definitive way to track transactions.

Rather, transaction IDs were designed as an easy reference for support services. “[Processors] will issue this transaction ID, and if you have an issue with the transaction, you can call the support desk and tell them if the transaction didn’t arrive.”

The support desk at Mt. Gox repeatedly reissued disbursements to customers who reported that they hadn’t received funds from transactions linked to a modified TXID. Mt. Gox had no way of verifying the transactions, and the fact that they issued the disbursements regardless apparently resulted in Mt.Gox’s internal records becoming more and more divergent from the public record of transactions.

What are hot wallets and cold storage?

In order to spend bitcoins, you need access to both a public and private key. The public key is your address, where you can recieve bitcoin, and the private key is something like a password that allows you to spend the bitcoins. The practice of storing bitcoin offline, not on the web server or on any computer, is known as keeping them in cold storage. This is exactly what it sounds like—printing your private keys and storing them in a physical wallet, much as you would do with cash.It is done in the interest of safety, so that if a malicious hacker gains access to your account, they wouldn’t be able to run off with all your bitcoins. There are various ways to keep your funds in cold storage, including paper wallets. It’s a wise idea to keep the majority of your bitcoin in cold storage, which is why (most!) Bitcoin exchanges also operate this way. The website (exchange)will hold a certain number of bitcoin in hot storage, in an online wallet, so that it can be withdrawn instantly by people who hold accounts with that exchange. The majority of the reserve will be kept offline in cold storage. Bitcoin exchanges keep all funds, including the amount in cold storage, on hand and do not loan funds out at any time.

So, what’s the problem?

Ostensibly in order to avoid a “run on the bank” type scenario in which distrustful customers would withdraw from Mt. Gox en masse, the exchange halted withdrawals on February 7th. This is not a completely unexpected development. Despite retaining a large percentage of the world’s bitcoin supply in customer accounts, Mt. Gox has been losing credibility in the bitcoin ecosystem for some time. In November of 2013 many customers were already having issues withdrawing their funds, experiencing delays of weeks or even months. The situation continued to compound until the full stop in withdrawals, and culminated in Mt. Gox’s site going white on February 24. They also wiped their twitter feed, and issued a statement that reads,

Dear MtGox Customers,

In light of recent news reports and the potential repercussions on MtGox’s operations and the market, a decision was taken to close all transactions for the time being in order to protect the site and our users. We will be closely monitoring the situation and will react accordingly.

Best regards,

MtGox Team

Is Mt. Gox guilty?

The simple fact that it took Mt. Gox several years to realize that they were missing 744,408 bitcoinsthe equivalent of 6% of the world’s supply of bitcoin, worth 365 million dollars is mind-boggling. In their crisis strategy document, they state that the theft went unnoticed for years. It is challenging to imagine ineptitude at such a grandiose scale, so the logical alternative is that they had been aware of the issue for a long time and voluntarily chose to hide this information from their investors and the public at large.

The document also states that “The cold storage has been wiped out due to a leak in the hot wallet.” If you’re doing it right, the cold storage should not be accessible via the hot wallet, leak or no leak. That’s the whole point of separating the two. As Andreas M. Antonopoulos, Chief Security Officer of Blockchain and respected bitcoin entrepreneur and developer aptly put it, “Cold storage” does not “leak.” If Mt. Gox was truly robbed, it is genuinely an astounding case of carelessness in storing and managing funds on their part.

I have no particular evidence to indicate whether this was actually dishonesty or pure incompetence, and as such will refrain from comment here. Assuming the crisis strategy document is correct, and Karpeles and the rest of Mt. Gox is honest, the funds were stolen through an external attack, the details around which remain murky at best. At the very least, the incident illustrates a formidable lack of attention to detail and a fundamental ignorance of the basic principles of accounting (these can be succinctly summarized as: 1. inputs must be ≥ outputs, 2. don’t lose everyone’s money).

What now?

I have deep sympathy for those who lost money through Mt. Gox. For the Bitcoin ecosystem as a whole, however, it’s likely to be a positive development. Mt. Gox had been destabilizing the price and causing unrest in the market for some time. Evidence of this is the remarkable stability in bitcoin prices following the (at least temporary) demise of the exchange. I hope I am not too naïve about the implications; I fully expect there will be significant volatility in the coming months. I’m still bullish on the long term potential of bitcoin, however. Mt. Gox might be dead, but the network as a whole is finally free to move forward.

** A previous version of this post referenced fractional reserve banking to help explain the concept of fractional reserve banking to help explain hot and cold storage, but following several comments that it was confusing, I’ve removed that section of the post.