As we know, when MtGox fell over it insisted that it had been tricked by transaction malleability into shipping out off the exchange hundreds of thousands more Bitcoin than it actually had. Losing a few hundred million $ worth of something by paying it out twice or more might well have that effect of making an exchange fall over.
Then just this week we were told that MtGox had actually found 200,000 Bitcoin down the back of the digital couch. Just spare change that they’d forgotten about in an old wallet. Which rather disturbs their story about transaction malleability, for if they lost, as they now say they did, those 200,000 three years back then the alt-currency obviously wasn’t there for someone to steal just recently.
Now there’s another blow to their story. By monitoring the network a couple of researchers have tracked how much of that double demanding of coin was actually going on. Turns out the answer is very little — and pretty much none before MtGox went down:
In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. This allows an attacker to mount a malleability attack in which it intercepts, modifies, and rebroadcasts a transaction, causing the transaction issuer to believe that the original transaction was not confirmed. In February 2014 MtGox, once the largest Bitcoin exchange, closed and filed for bankruptcy claiming that attackers used malleability attacks to drain its accounts. In this work we use traces of the Bitcoin network for over a year preceding the filing to show that, while the problem is real, there was no widespread use of malleability attacks before the closure of MtGox.
If you’re into Bitcoin it’s worth reading the whole paper. The essence of it is that they’ve been monitoring a reasonable subset (some 20%) of the available nodes for evidence of double withdrawal attacks since Jan 2013. And the number of Bitcoins that MtGox say they lost is greater than the total number of Bitcoin that can be identified as having been even subject to a malleability attack, successful or unsuccessful. And the vast majority of such attacks came after withdrawals from MtGox had been suspended. That is, the publicity and suspicion about what had happened itself seems to have been the trigger for most of the attacks.
The transaction malleability problem is real and should be considered when implementing
Bitcoin clients. However, while MtGox claimed to have lost 850,000
bitcoins due to malleability attacks, we merely observed a total of 302,000 bitcoins
ever being involved in malleability attacks. Of these, only 1,811 bitcoins
were in attacks before MtGox stopped users from withdrawing bitcoins. Even
more, 78.64% of these attacks were ineffective. As such, barely 386 bitcoins
could have been stolen using malleability attacks from MtGox or from other
businesses. Even if all of these attacks were targeted against MtGox, MtGox
needs to explain the whereabouts of 849,600 bitcoins.
Well, quite. Of course it’s always open to MtGox to say that they lost the coins to such attacks before Jan 2013. But that just again means that they’ve been trading insolvently for 14 months. Something that is really terribly naughty to do.
Script kiddies having a lark, as I’ve suggested before.