Skip to content

Bitcoins (2)

My first blog on this topic was in January with some basic arithmetic, which showed that buying fancy kit to mine bitcoins looks a thoroughly dicey business. I intended the next article to be about various schemes being deployed to make money in such an environment – all the standard financial tricks are being wheeled out, and I wanted to warn any naive folk left out there …

But first I need to deal briefly with some more immediate news – the apparent collapse earlier this week of Mt Gox, the main bitcoin exchange.

Certainly, the website has gone down and useful information has emerged from its management slowly and painfully. Then a bitcoin blogger (Ryan Selkis) put up this which he claimed was an internal MtGox discussion document:

mtgox1

In bold on the first text page of the 10 page document we have this claim:

At this point 744,408 BTC are missing due to malleability-related theft which went unnoticed for several years.

The cold storage has been wiped out due to a leak in the hot wallet. The reality is that MtGox can go bankrupt at any moment, and certainly deserves to as a company. However, with Bitcoin/crypto just recently gaining acceptance in the public eye, the likely damage in public perception to this class of technology could put it back 5~10 years, and cause governments to react swiftly and harshly. At the risk of appearing hyperbolic, this could be the end of Bitcoin, at least for most of the public.

The document goes on to claim that MtGox has essentially this balance sheet:

Assets $32M + 2,000 bitcoins (in the hot wallet)
Liabilities: $55M + 744,408 bitcoins

This seems bizarre for a document which has had any input from an accountant, so my immediate instinct was that it was a hoax. The whole document is fairly muddled, but the claims seem to be essentially that “hackers” stole 744,408 bitcoins (essentially belonging to customers) from the MtGox site, leaving it bankrupt. Odd because the numbers above suggest it was bankrupt to the tune of about $20M even before the alleged disappearance of the bitcoins.

However, we then had this:

foxBus1

Karpeles made the statements in an Internet Relay Chat (IRC) this afternoon with Jon Fisher, an industry consultant and founder of WickedFire.com, a New York-based internet-advertising watchdog. FOX Business obtained private chat logs (excerpts can be found below) from the conversation. In those logs, Karpeles tells Fisher he has not “given up” on Mt. Gox and he can’t disclose if he has decided to step down as CEO of the exchange …

In the IRC obtained by FOX Business, Karpeles denies the document was produced by Mt. Gox, but confirms that it is “more or less” legitimate.

Hmmm. Not produced by Mt Gox, but “more or less” legitimate. If the claim of a massive theft/loss was false, that would be a totally dumb thing to say. But maybe Karpeles is totally dumb when it comes to PR. In any case, the statement has been taken by the mainstream media (eg the BBC) to confirm the theft/loss.

The method of theft is known as “transaction malleability” according to BusinessWeek:

A hacker can tinker with the code that makes a Bitcoin transaction happen, so that it looks like it didn’t go through. The person who was supposed to receive a payment then asks again and, in Mt. Gox’s case, is paid again automatically. Mt. Gox has acknowledged this was happening. It seems that someone has been slowly bleeding it for months, leaving it without the funds to pay out legitimate withdrawals. But with the company being pretty tight-lipped about it for now, that’s only the best theory.

Mainstream media are now speculating that Bitcoins may now be dead. Eg, the LA Times on Tuesday:

Bitcoin … on verge of collapse

In a stunning blow to a novel way to buy products and services, the world’s largest exchange for trading bitcoin currency shut down Tuesday, triggering a massive sell-off and sending many prospective investors away — perhaps for good.

On the other hand, plenty of venture capitalists who have collectively poured tens of millions into bitcoin startups are busy saying that actually all these events are extremely positive, when correctly viewed. The Wild West should now be cleaned up, leaving bitcoins to flourish in a better, more regulated environment.

One interesting feature about the whole episode is that alarming behaviour at MtGox is nothing new. There is a forum thread of about 5 pages here, recounting the last major alarm in April 2013. It is a classic high-quality internet forum, full of insight, nonsense and red herrings in equal measure (as opposed to a classic low-quality internet forum which is 100% dross).

The upshot is that the guys at MtGox are (1) all geeks, (2) the wrong kind of geeks, and (3) too dumb to recognize their own shortcomings and get help when things went wrong in early 2013. They have no idea how to write trading software and have been totally incompetent over a period of years, despite apparently having ample business and cash flow to sort out the mess and establish a reliable exchange. [see Note at end]

One major symptom has been serious delays in executing trades. The price can move as much as 30% during these delays, so there is clearly scope for the exchange or its close associates to capture substantial profits, which may be technically legal (since there is little law governing unregulated things like bitcoin) but would clearly be a scam. For example, if the price is 500 $/BTC at 2pm and 600 $/BTC at 4pm, then pass the BTC from 3rd party sellers at 2pm to close associates, who sell at 4pm to 3rd parties. Then give the 3rd party sellers 500/BTC and charge the 3rd party buyers 600. If, however, the price went down at 4pm, then link the 2pm sellers direct to the 4pm buyers.

It is also interesting that “transaction malleability” seems to be a well-known issue for exchanges, which all the other exchanges have apparently been able to cope with without loss.

However, it is completely unclear whether MtGox have been honest but incompetent and naive, or competent at being dishonest. My guess is the former. But no one with any experience of finance who read those 5 pages of forum would deal with MtGox without substantial further enquiry (the only purpose of which would be to determine whether they represented a profitable market for consultancy/rescue services or were merely crooks).

Of course, the public cannot be bothered to uncover and read such stuff, which took me maybe a couple of hours of googling to find and another 20 minutes to digest. Indeed, many of them would not really understand the implications of what they were reading even if they did read it.

That is why we need high-quality regulation. It is not reasonable to expect Joe Public to do hours of high-powered research before embarking on simple everyday transactions. Interestingly the dollar value of bitcoins has not collapsed. When I last checked (10am London today) it was $565. This chart shows a substantial fall around 7 Feb but a steady price since 15 Feb. There are reports of people selling heavily discounted bitcoins stored at MtGox in other fora, but the panic does not seem to have spread to the other exchanges.

Of course, the UK and the US can hardly be said to have benefited from high-quality regulation of the banking sector in 2007 and 2008. Certainly the regulators and other authorities did a highly competent job of sorting out the mess and preventing total melt-down, but they did an incompetent job when it came to preventing it happening. Indeed, plenty of other regulators in the UK seem to be not particularly competent about protecting the consumer from abuse. The question of whether it is possible to do better, and if so how, is something to which I shall be returning.

NOTE (added 28 Feb 14)

Much of the critical information in those forum pages (esp about the guys at MtGox being the wrong kind of geeks) comes from Andreas Antonopoulos, who is currently chief security officer at Blockchain.info, which inter alia runs a bitcoin wallet. So one question is obviously whether he is simply badmouthing the competition. My view was not. This article gives more detail.

Post a Comment

Your email is never published nor shared. Required fields are marked *