McCaleb replied to my email. In response to my question "Did anyone ever actually trade card for card or money for card on Mtgox.com?", he replied "yeah they did".
There was a post on the front page a while back which strongly indicated no, other than buying the domain name, no progress was made to actually launch a Magic The Gathering trading card site.
There's a difference though, the last time Gox was hacked, people assumed the loss was coming out of Gox's wallet... now its clear the loss is coming out of everyones (until proven othewise)
This price differential will arbitrage itself away pretty fast if the "new and improved: now with non-disappearing deposits" MtGox is actually capable of transferring Bitcoins to a wallet outside of the exchange.
No, shut down completely, now, and the creditors have a chance of partial recovery.
Keep on trying to make this a viable business and they will burn through more and more of their assets paying lawyers, accountants, consultants, directors, and managers. If you are one of those latter group, I see why this would be valuable to you.
Creditors who are in stage 1 (denial) or stage 3 (bargaining) may still be trying to recreate this as a viable business, but it's like trying to make up for your losses at the roulette table by making bigger and bigger bets.
> At the start of February 2014, illegal access through the abuse of a bug in the bitcoin system resulted in an increase in incomplete bitcoin transfer transactions and we discovered that there was a possibility that bitcoins had been illicitly moved through the abuse of this bug.
...
> We believe that there is a high probability that these bitcoins were stolen as a result of an abuse of this bug
I find the insistence that this catastrophe was brought on by a protocol bug very suspicious. A recent post on HN by an expert elaborated on why transaction malleability wasn't likely to have been the source of this exploit [1]. Meanwhile Mt. Gox is insisting that they were robbed by a bug in the protocol.
This could be the position advised by Mt. Gox's legal representation, in a sort of "that's my story and I'm sticking to it" sort of way. If this line is actually true, then either the transaction malleability issue is much much bigger than we anticipated, or the bitcoin protocol has some vulnerability that we don't know about.
True, this post contains speculation on some matters, but if a professor at Cornell whose work focuses around distributed systems who authored the selfish mining attack isn't an "expert," then I don't know who is.
The author has credentials, but there is absolutely no expertise demonstrated in cryptocurrencies, much less regarding the specific issues of MtGox.
It was all speculation, and it is inconsistent in its inputs -- on the one hand it disbelieves what MtGox claims, but on the other it takes historic claims of security (that keys were in cold storage) as proof of other conclusions.
Speculation that is based upon cherry picked belief and disbelief might yield the conclusions that one wants, but it adds little to the information pool.
And regarding claims that keys were in cold storage: Maybe, but one thing I think we're all learning from these amateur hour platforms is that a lot of claims aren't backed by reality. They have "Top men" working on their security. "Top men".
yes that post is raw speculation and shouldn't be taken as truth. It's a bunch of "what-if's" and "we don't think anyone can be so incompetent" statements.
So over a period of years your Scrooge McDuck money bin gets emptier and you are completely oblivious to this up until the point that it's basically empty?
The kind of incompetence involved here borders on mental retardation.
The ignorance around TARP baffles me. Before I explain, let me state I am against bailouts in general.
In the bailout $245B was given to private banks and $187B was given to fannie and freddie, money was also handed out to GM, insurance cos. etc. to a total amount of $610B.
As of 2014, >$380B was returned in cash, >$235B was returned through dividends, the current "loss" to tax payers is approximately $12B. Which is expected to turn green very soon and generate substantial profits for "we the people".
Most large banks refunded the govt. with substantial profits, so did the insurance cos. The TARP also saved a ton of jobs.
Jail for what exactly? No laws were broken, at least no laws that existed at the time.
At best the whole situation in 2008 was a bank run[0] caused by a freeze in global liquidity.
Sure the financial institutions made some risky speculation that lost them some money. Losses were big in absolute terms but quite tiny relative to the assets under management and profitability.
a. Do I agree with (any company) functioning in the grey area. -- No.
b. Do I agree with bailouts of any kind. -- No.
c. Can I ever agree with people who ignorantly believe $20B in a recoverable overnight line of credit is more valuable than >$600B in assets and >$10 trillion loss in market capitalization. -- No.
There ought to have been some convictions but none were related to the TARP directly or indirectly.
Unfortunately, most quoted "crimes" were caused by human incompetence, a large number of other ones are caused by public ignorance and confusion about market making.
Designated market makers were regulated and were required to stand opposite to their own clients when necessary. This was by design and regulation. I quote this because invariably someone is going to cry about how these designated market makers bet against their clients.
During the savings and loan crisis in the 80s there were a dozen task forces in the DOJ, over 1000 FBI agents were tasked with investigating the banks. It resulted in over 1,000 felony convictions.
This financial crisis is significantly worse and we've had virtually no effort put into finding out the root causes. If nothing else we have internal e-mails from banks like Bank of America acknowledging that they knew they were selling junk bundled as AAA rated bonds which amounts to fraud. There's all sorts of evidence of collusion in the industry around getting those bond ratings and around selling them as something they were not. And that's just the stuff an armchair investigator can pull out of news articles over the years. Nothing compared to what a forensic accountant could determine.
It's of course unrelated but when it was found that HSBC was found guilty of laundering money for drug lord the DOJ decided not to prosecute because doing so was a systemic risk. It doesn't take much to understand that there were no prosecutions from the banking crisis because of a fear of systemic risk.
> This financial crisis is significantly worse and we've had virtually no effort put into finding out the root causes.
The root causes are quite well known. The primary reasons were:
a. Recent changes to how credit rating agencies (Standard & Poor's, Moody's etc.) calculated ratings - Specifically they started using the stock price to increase credit rating's - this has little to do with actual quality - it was all good when it was a bull market, they were to short sided to see that a sell off would cause the ratings to collapse, which is exactly what happened. This resulted in the initial liquidity crisis.
b. Repealing the Glass-Steagall Act in 1999 that was introduced in 1933 to limit affiliations between commercial banks and security firms. This resulted in excessive leverage being given by banks in 1999-2000 for purchasing investments (also contributed majorly to the greater portion of the bull run and pop of the tech bubble - explained in point d. and e.) which later morphed into sub-prime mortgages being offered in the early 2000's by the people who were not allowed to conduct these activities under Glass-Steagall.
c. The Community Reinvestment Act of 1977 aggravated the situation - but this is overlooked as it leads to political finger pointing. I will skip over it too as it would make me sound too much like the GOP. Though if you do research it, factor the effects of point b. into the analysis.
d. Rapid increase of Fed Rate in the months/year following repealing Glass-Steagall made it too expensive for investors to carry their investment loans and turn a profit. This lead to rapid liquidation of investments and popped the tech bubble. It's really that simple.
e. Following the tech bubble burst the fed rates dropped rapidly which made it easier for people with sub-prime credit ratings to qualify for mortgages. As it dramatically affected qualifying using the Gross Debt Service and Total Debt Service ratios.
f. Once the rates started increasing the only choice was for banks and security firms to structure them into exotic investments i.e. Credit Default Swaps. When ratings dropped due to erroneous credit rating algorithms (point a.) this became a huge issue. (Anyone ever wondered how anyone could have been confused by the risk of something with "Default" in its name?)
g. The most important reason of them all. All of this would have been a blip and not gone out of control at all if it unfolded in 2006-2007 or 2009. That is if it was not an election year with a guaranteed change of a President.
This crisis was caused by bad timing and the shortsightedness of both parties, the law makers, the independent regulators and of the feds. The real systematic risk comes from ending all their careers.
Sure they made a good investment with TARP, but it could have all been avoided if they had not deliberately let Lehman Brothers go bankrupt that resulted in erosion of $10 trillion in market capitalization in a matter of weeks.
I'm not saying the banks are innocent, nor do I accept the "it's all fair in capitalism" argument.
The one thing I haven't been able to wrap my head around is why the lawmakers found it necessary to repeal Glass-Steagall if they did not want financial institutions to conduct the very activity that the Act forbade.
I want to take a step back here. Two things are fairly clear to me. The first is that there would've been a housing bubble with or without illegal activity. I think that's something we agree on. I personally feel the biggest contributing factors were the repeal of Glass-Steagall, as you mentioned, coupled with the need for the fed to keep interest rates too low for too long. They were low from the dotcom bust, but after 9/11 had to be extended to prop the economy back up. What's also clear to me, but perhaps not to you, is that there was also a lot of illegal activity going on by the banks that took advantage of what was going on in the industry. I mean seriously, there have been exactly 2 banker convictions since all this started going down. There should be more than 2 banker convictions just as a matter of course due to the statistical probability at any person might be committing a crime at a random time. That so much money was made under so many shady circumstances followed shortly by the open admission by the DOJ that they would not prosecute HSBC bankers due to systemic risk make it pretty clear that there was plenty for the feds to go after but they chose not to.
How do you know that no laws were broken? I think the most we can be sure of is that federal prosecutors decided it was either ineffective or politically inconvenient to investigate. Without an investigation, I don't think we can know that nothing illegal happened.
Indeed, given the string of multi-billion dollar Wall Street settlements over the last few years, suggesting that there were no laws broken leading up to TARP implies that the banks were atypically clean.
If what bushido said is true, then I'm glad that those executives are still in charge. After all, they took a very bad situation, combined with a boat-load of money, and turned that into a bigger boat-load of money. Imagine if they were all fired, and new inexperienced decision makers took their place. That big bucket of money dumped into them could have easily evaporated.
I'm troubled by the persistent societal trend of people being afraid to reveal to others that they believe a malicious event was an inside job. I suspect many of us consider it possible that the heist was organized by Mark Karpeles himself and that the supposed transaction malleability crisis was completely fabricated.
He was making millions of dollars from trading fees and would have continued to do so for the foreseeable future. Why would he steal his own funds. It just defies any reasonable explanation.
AS you pointed out, it makes no sense, which gives him the perfect cover. He can empty the coffers and claim it was a hack because of a technical glitch. He takes it all, declares bankruptcy and he's gone with the wind.
Now, with a hefty stash, he can start another BTC exchange, and then rinse and repeat as necessary. It's about as close to a perfect crime as you can get.
Like not using any kind of VCS for the software which was the core of his business defies any reasonable explanation?
Maybe he just wanted a quick payday and get out of the business?
The guy doesn't seem to have a track record of making great decisions and he didn't seem to take the business very seriously. Not to mention we are talking about hundreds of millions of dollars. Theft is a possibility worth looking into.
It's millions of dollars and freedom vs. 100s of millions that get confiscated when you're incarcerated though (and yes that's a false dichotomy - but it's a bug in logic, it's not my fault ..).
I'd have thought that being in control of these exchanges you could pretty much extract as much money as you'd ever need by front-running or other manipulations. The fluctuations in market value coupled with the acceptance of week or 2-week transaction periods means you can get a few percent of each transaction doesn't it.
You could ask that question of all sorts of criminals. E.g., Bernie Madoff seemed to be doing quite well. Almost anybody accused of a major financial crime had plenty of opportunity to make lots of legal money; otherwise they wouldn't be in a position to steal. But it happens all the time.
Is it a societal trend or is it simply that more people believe that the "inside job" theory is far less persuasive than the "outside job + incompetence" theory?
One thing is clear. There's a lot of information yet to come. They've indicated that it's "highly probably" the coins were lots due to the TX Mal bug which seems to be the least likely hypothesis in the eyes of the community.
I suspect they're still analyzing their logs to find the full story themselves.
No real new information here but they now clearly claim that the 750 000 bitcoins owned by users have been lost due to the malleability issue, but that an investigation is under way.
I don't think anyone believes that 750,000 bitcoins were involved in malleability, nor that somehow they lost 2+billion yen to "hackers" at the same time.
People have tracked the addresses where an entity (very likely to be MtGox) transferred funds to prove that they had lots of bitcoins, and they haven't been moved from that address since then.
If insider “malfeasance” is the true cause, it just boils down to “who is more patient, those who have lost some funds, or the guy sitting on 700,000 BTC and just needs to wait for this to blow over”?
I just called the telephone service MtGox have (+81 3-4588-3922 ) and the only info I could get out of the Japanese girl was that all account informations are intact and it will be possible to log in on the website later some day. She was speaking a lot about stuff going on in court right now that has to finish, but nobody knows how long it can take.
Called for about 5 minutes. Queue wait time was short, below 30 seconds.
Well, if the Russian hackers got to the server, I bet there has been many before them. I'm pretty sure someone just messed with their database, and added funds to their account. Maybe added fiat, and bought BTC (users could withdraw BTC without identity verification?) because for some reason they couldn't add BTC directly (this would explain increased fiat in the system).
The fact that they are missing fiat (JPY) from a bank account(s) seems to scream that this was, at least partially, an inside job.
That could also explain why they are so eerily silent and not forthcoming. That is, either they are hiding something or earnestly investigating and don't want to tip off the insider(s) in question.
I wish they could just put themselves back online with the ~60% of users' bitcoins that they still have and just let us all withdraw them. Let us fight in court over the remaining 40%, right?
If having 60% of users Bitcoins were true, then doing what you propose would be a crime, and make the company officers personally liable to the customers who don't get their money.
As soon as the company knows it has 60% of the needed funds, then it is required to not allow anyone to withdraw their money. Instead, the insolvency process tries to treat everyone equally, so that they would pay out everybody 60% of their share, instead of some people getting all their money and some losing everything.
It is not optional, and not a choice that the company is allowed to make - they can affect the process on how exactly that happens (i.e., liquidating, restructuring as a running business, etc), but they can't simply pay out money to arbitrary debtors, that would open up many trivial ways of looting all the remaining money by insiders.
"Instead, the insolvency process tries to treat everyone equally, so that they would pay out everybody 60% of their share, instead of some people getting all their money and some losing everything."
No, there are a number of parties that get their money first, like the liquidator, the tax man, privileged creditors, etc. Which usually means that the concurrent creditors should be happy to get a few percent of their claims (the average here in the Netherlands is 3%).
Not disagreeing with your point, in fact reinforcing it - the proposal of the GP is preposterous under the law, and a flagrant violation of bankruptcy law across the world.
"(the average here in the Netherlands is 3%)"
Only if you include the large number of (very) small businesses that fail, because most of those still have a substantial sum to pay to taxes, usually already-withheld income taxes and VAT.
For a case the size of Mt.Gox the average is higher. Remember DSB Bank? They even got above 100%, just took a long time to sort it all out.
That's predicated on the assumption that, from the point of view of the bankruptcy proceedings, the bitcoins are actually an asset considered in the bankruptcy - and more importantly that "being owed bitcoins" ranks you somewhere on the list of creditors. It's perfectly possible that the bankruptcy process would prioritize making people with real currency claims whole; if that means 'liquidating' bitcoin assets to turn them into dollars to pay back banks, liquidators, and other hard currency creditors, then that's what would happen.
This is equivalent to suggesting that the best course of action with a business that has gone bankrupt is to allow itself to be looted by some of its' customers.
Rather than attempting to rebuild value to return a higher proportion of cash/goods to all customers, or paying debtors according to contractual priority.
You'd need to know if it's really 60% and not, say, 59%; and you can't know that until the assets are actually liquidated - you can estimate the value of your stuff/buildings/whatever, but you'll know for sure only when they are actually sold.
But how do you know whether the issues that caused the debacle are fixed or not? At that point it appears unclear that anyone knows the full details of the issues, including the MtGox team. Reopennig now might be risky.
They don't have 60% of their customers' bitcoins. They (allegedly) have 0.2% (2k out of 750k) of their customers' bitcoins, and 60% of their USD/EUR/JPY.
I really do not understand how the transaction malleability bug could have lost 40% of their fiat deposits.
Certainly they are not telling the truth about the transaction malleability. They have now dug their feet in on that explanation but it does not make sense given what we know about transaction malleability (the kind they are talking could not possibly have cause 850,000 bitcoins to disappear from allegedly cold storage without them noticing, and probably not without some social engineering.)
It seems likely that if the bug was involved somehow, it was because an intruder performed an attack from inside Gox . How else would they also be able to get fiat deposits out of Mt. Gox? Wouldnt that require initiating bank transfers?
It's basically impossible. There's 200BTC a day withdraw limits (or rather, was), for this to have worked somebody would have needed to be withdrawing the limit from 5 different accounts, every day for the last 3 years and successfully manipulating the bug in Gox's system every single time. This couldn't even have worked reliably, as the consistent Gox bug was only triggered by 0.8.0 being released.
It doesn't make sense as an explanation, especially given that we now know that some Russian clowns also had database access.
If you had a verified account you could ask for any limit you wanted up to 10k BTC, with a trusted account I think there was no maximum— I've talked to people who say they had 50k limits.
There was a 200 BTC maximum per withdraw however, at least in recent times.
> as the consistent Gox bug was only triggered by 0.8.0 being released
Even that wasn't consistent, only ~1% of signatures were invalid DER encodings with their code.
> If you had a verified account you could ask for any limit you wanted up to 10k BTC, with a trusted account I think there was no maximum— I've talked to people who say they had 50k limits.
Wsn't aware of that, I only ever saw 200BTC being mentioned. Did Mt Gox seriously keep 10,000BTC+ in their hot wallet for this to work, or were manual withdraws like a bank where you make a cash request for the next day?
A group of hackers that compromised Gox to find out "what went wrong" and compromised tens of thousands of people's passports and home addresses at the same times. Leaked the personal contacts and names of all the Gox employees, and generally put many people's lives genuinely at risk.
> I really do not understand how the transaction malleability bug could have lost 40% of their fiat deposits.
At what point, given normal business conditions, would you need to hold 100% of deposits? You only need enough to cover withdrawals; ignoring the MtGox issues 60% seems quite reasonable.
The only time you'd need to worry about 100% is if you're anticipating a total run on deposits or you're going to close the bank.
The announcement was silent on the BTC they still retain. I can't find any direct statements by anyone at Gox that all they have left is 2K. I'd be very grateful if someone could point it out if it exists.
The 2K BTC were mentioned on the leaked MtGox documents which were published one week ago or so. Given that many facts in those documents match with information that was published later on, it appears that those documents could be authentic.
They don't want to. They want to keep operating and slowly repay those 40% by transaction profits, and then continue operating after that as a profitable company.
They are crazy to think it will work. But that's what they want.
Based on their own, incredibly optimistic, financial forecasts that were leaked earlier it'd take at least a decade for them to repay just the current USD value of what they've lost. I'm not sure it'd even be feasible for them to repay bitcoin for bitcoin, since their financial predictions quite likely rely on Bitcoin shooting up in value.
Uh, no. I formally advise against this course of action as "hilarious." Who on god's green earth is going to bank their coins in MtGox 2.0?