Slashdot Mirror


Bitcoin Exchange BitFloor Says It Will Replace Stolen Coins

angry tapir writes "Bitcoin exchanges generally don't seem to recover that easily after security breaches. However, BitFloor, which was hacked and had 24,000 Bitcoins stolen in early September, is coming back online, refunding account holders whose coins were stolen and implementing new security measures, including cold storage for private keys." The key word is "intends" — but I hope it happens as promised.

30 of 117 comments

  1. pump and dump by Anonymous Coward · · Score: 3, Interesting

    "Yes, we plan on buying a large number of Buttcoins to replace the ones that 'external hackers' stole from our 'customers'."

    [price goes up on exchanges]

    ['stolen' coins all sold for cash out of an anonymous account that's surely not controlled by the guy running BitFloor]

    [BitFloor never heard from again]

    Taking money from the Buttcoin crowd must be the easiest thing in the world. It's like if you took normal currency speculators and then gave them all severe head injuries.

    1. Re:pump and dump by GameboyRMH · · Score: 3, Funny

      ButtCoin victim spotted.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    2. Re:pump and dump by ZeroSumHappiness · · Score: 2

      Wait, are the coins unique? Doesn't that defeat anonymity if you can track individual coins?

    3. Re:pump and dump by GameboyRMH · · Score: 3, Informative

      Yes, the anonymity lies in throwaway email addresses that have no association with your real name.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    4. Re:pump and dump by Wonko the Sane · · Score: 4, Informative

      There are no discrete "coins". There are only addresses and balances.

    5. Re:pump and dump by GameboyRMH · · Score: 2

      It's true that "Coins" are only a unit of measurement in the BitCoin system, but transactions can be tracked just the same:

      https://bitcointalk.org/index.php?topic=241.0

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    6. Re:pump and dump by scorp1us · · Score: 4, Interesting

      Anonymity was never a feature of Bitcoin, though first reports made claims to that. It is regarded currently and properly as pseudo-anonymous. Your bitcoin wallet maintains a ledger of every transaction ever made. So you can see money moving between people, unlike a stock exchange or bank. Scratch that, it's not a matter of can, it is a matter of having to see every transaction.

      Where the "anonymity" lies is that, unlike a bank, you can create an account (address) out of thin air. You can control any number of accounts in your wallet, and move money between them. So no one can tell what addresses are in your wallet and who (person) controls however many bitcoins. Two people having 10 btc might divide it up differently - 1 person has all 10btc in one address, the other has 10 addresses all with one. You don't know who controls what. The only way to find out is to get enough wallets with enough addresses in them that you can start identifying people for past transactions, but you can always invent a new address so you can't ever "watch" anyone. It is just like - until recently - moving money between Swiss bank accounts.

      --
      Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
    7. Re:pump and dump by ToadProphet · · Score: 2

      What do email addresses have to do with bitcoins?

      --
      It's on America's tortured brow, That Mickey Mouse has grown up a cow
    8. Re:pump and dump by firewrought · · Score: 5, Funny

      You can control any number of accounts in your wallet, and move money between them. So no one can tell what addresses are in your wallet and who (person) controls however many bitcoins. Two people having 10 btc might divide it up differently - 1 person has all 10btc in one address, the other has 10 addresses all with one. You don't know who controls what. The only way to find out is to get enough wallets with enough addresses in them that you can start identifying people for past transactions, but you can always invent a new address so you can't ever "watch" anyone.

      But your honor, it couldn't possibly have been MY client who purchased those drugs. As you can see here, he clearly transferred $160 from his account <dude@hendrixfans.net> to some nefarious third party <cantcatchme@mailinator.com>, who by COMPLETE COINCIDENCE purchased $160 worth of drugs from about 30 seconds later. We have NO IDEA who this mysterious cantcatchme is, other than being a beneficiary of my client's quirky tendency to email unsolicited funds to random strangers just to brighten their day.

      Why NO, I don't think it's the LEAST bit suspicious that this is the 23rd week in a row that this exact sequence of transactions has occurred between these exact same participants. What can I say? My client is a generous man. Like the other day when he spontaneously sent $200 to <bogusacct@mailinator.com>. Perhaps foolishly generous, as Mr. bogusacct promptly sent that money to <cashier@pokerboss.net>, but can one convict a man for carrying virtue to excess? I say no!

      --
      -1, Too Many Layers Of Abstraction
    9. Re:pump and dump by JesseMcDonald · · Score: 2

      Right, Bitcoin is pseudonymous, not anonymous, and even then you have to put some thought and effort into keeping your addresses independent, or the connections will be uncovered by some fairly basic traffic analysis. There are "mixing services" to deal with the latter issue, but use of one is somewhat suspicious in itself.

      If you want fully anonymous transfers you need something more like an Open Transactions server running in cash-only mode. This is a federated contract-based derivative system, as opposed to a peer-to-peer base currency like Bitcoin, so you do have to trust the issuer to adhere to the contract. However, that does open up a number of interesting possibilities, including contract tokens in fixed denominations which can be transferred untraceably between users. Due to the use of blind signatures, the server cannot connect the tokens being deposited with the account they were withdrawn from, or the client making the withdrawal, and the fixed denominations make traffic analysis much more difficult.

      NOTE: Open Transactions is still in early development, and is considered experimental software—more so than Bitcoin—though most of the principles involved have been well-known for some time and employed successfully in other digital cash systems. Do not rely on it for anything mission-critical at this time.

      --
      "The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
    10. Re:pump and dump by JesseMcDonald · · Score: 2

      How is this [Open Transactions] different from bitcoin contracts? https://en.bitcoin.it/wiki/Contracts

      I'm not quite sure where to start. They're completely different concepts. Bitcoin contracts, like the assurance contract or an escrow contract, are ways to use the Bitcoin protocol to create transactions which are only valid under certain conditions—when enough money has been collected from a variety of different inputs, or when two of three stakeholders (payer, payee, arbiter) sign off on a transfer, etc. All the data about the transfer is public, integrated into the block chain, and traceable to particular pseudonyms (public keys). Keeping track of how many bitcoins are associated with each key requires a complete record of the history dating back to the first block (gigabytes and growing).

      Contracts in Open Transactions can be anything; they're basically human-readable text with semantic tags for computer parsing, identified by a cryptographic hash. Generally for currency contracts they would take the form of an agreement to pay a certain amount of BTC, USD, or some other commodity on demand. You could also have bond contracts, shares in a company, etc. A triple-entry accounting system ensures that all you need to prove who owns what is the receipt for the last transaction, signed by payer (authorizing payment and approving new balance), payee (accepting payment and approving new balance), and issuer (confirming sufficient payer funds and approving changes in balances). Payer and payee get different receipts from the issuer, of course, since they don't need to see each other's balances.

      The system supports direct transfers (payer communicates with server), cheques (payer signs transfer and designates payee, payee submits transfer to the server), invoices ("negative cheques", requests for payment), and vouchers (like cashier's checks). All these forms of transfer leave a record of some sort.[1] OT also supports "cash", where you create a random token, "blind" it so that the server can't see the value, and have the server sign it (for a cost). You can then give that token to someone else, and they can deposit it with the server for credit in their own account. Once deposited, the server can see the value of the token to prevent double-spending, but can't connect the deposit with the previous withdrawal since it didn't see the actual value until it was deposited. The token could have come from any previous withdrawal in that denomination (within a set time; the tokens do expire, and need to be periodically renewed).

      OT also supports "smart contracts", which are programs which govern transfers. Assets can be transferred into the contract, and the program decides what happens to them after that. They can be used for implementing escrow and assurance contracts, enforcing company by-laws, or any number of other arrangements.

      Because you only need to keep the most recent receipt, Open Transactions does not require anyone to store the complete history of every account, which implies much lower disk, RAM, and network requirements, and more effective pseudoanonymity compared to the Bitcoin block chain, even without dealing in cash tokens. In cash-only mode, given a reasonable amount of background noise to hide in, even the issuing server would have a hard time connecting payers with payees. Transfers are also instant, without the wait for confirmations required for Bitcoin. The downside, of course, is the requirement to trust the issuer.

      [1] Vouchers need not record the payee if the voucher is open-ended (no designated payee) and the server supports converting the voucher directly into cash tokens without an account. It may also be possible to mask the payer by converting a cash deposit directly into a voucher. Either way, at least one side has to use cash to avoid associating both payer and payee with the voucher. The voucher could also be traded directly, but that exposes the recipient to considerable risk of double-spending.

      --
      "The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
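The blind-signature cash token described in the two posts above, as an added example that is not Open Transactions' own code: a textbook RSA blind signature (Chaum's scheme) in which the issuer signs a value it cannot read, later verifies the unblinded token, rejects a second deposit of the same serial, and keeps no record that links the deposit to the withdrawal. The primes, the `Issuer` class and the `withdraw`/`demo` helpers are constructed for this demonstration; a real issuer would use a large RSA modulus and one key per denomination.

```python
# Added example (not Open Transactions' code): RSA blind-signature cash tokens.
# Shows the property the post describes: the server signs a blinded value,
# later redeems the unblinded token, detects double-spending, but cannot match
# what it signed to what was deposited.
import hashlib
import secrets
from math import gcd

# Constructed demo primes; a real issuer would use a 2048-bit-plus modulus.
P = 1000000007
Q = 998244353
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def token_digest(serial: bytes) -> int:
    """Hash the random serial into the RSA message space (the value to be signed)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Issuer:
    """Server side: signs blinded values, later redeems unblinded tokens."""

    def __init__(self):
        self.blinded_seen = []   # everything the server saw at withdrawal time
        self.spent = set()       # serials already redeemed (double-spend check)

    def sign_blinded(self, blinded: int) -> int:
        # The server signs without learning the serial hidden by the blinding.
        self.blinded_seen.append(blinded)
        return pow(blinded, D, N)

    def redeem(self, serial: bytes, signature: int) -> bool:
        # Accept only if the signature verifies under the public key and the
        # serial has not been deposited before.
        if pow(signature, E, N) != token_digest(serial) or serial in self.spent:
            return False
        self.spent.add(serial)
        return True


def withdraw(issuer: Issuer) -> tuple:
    """Client side: pick a serial, blind its digest, get it signed, unblind."""
    serial = secrets.token_bytes(16)
    m = token_digest(serial)
    while True:
        r = secrets.randbelow(N - 2) + 2      # blinding factor, invertible mod N
        if gcd(r, N) == 1:
            break
    blinded = (m * pow(r, E, N)) % N          # m * r^e: hides m from the server
    blind_sig = issuer.sign_blinded(blinded)  # (m * r^e)^d = m^d * r
    signature = (blind_sig * pow(r, -1, N)) % N   # strip r: plain m^d
    return serial, signature


def demo() -> dict:
    """One withdrawal, then three deposit attempts, plus an unlinkability check."""
    issuer = Issuer()
    serial, sig = withdraw(issuer)
    return {
        "first_deposit": issuer.redeem(serial, sig),          # True
        "second_deposit": issuer.redeem(serial, sig),         # False: double spend
        "forged": issuer.redeem(b"forged-serial", sig),       # False: wrong digest
        "server_saw_digest": token_digest(serial) in issuer.blinded_seen,  # False
    }
```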
    11. Re:pump and dump by firewrought · · Score: 2

      Even if you bust the seller, and get his entire history of addresses to trace through the blockchain... You still have no way to tell that buyer-A equals buyer-B.

      My hypothetical defendant was using a particular gambit that my hypothetical prosecutor saw thru. You now suggest a more sophisticated gambit to use, but there are ways of seeing thru it too. Like I said in another post, it's an arms race. Law enforcement will discover gambits and devise strategies for detecting the tell-tale patterns they leave in bitcoin transaction histories. The obvious gambits (fake intermediaries, scatter/gather, pool/split, currency conversion, etc.) will be countered quickly once law enforcement gets serious (though some aspects may have to wait for legislation and/or regulatory crackdowns on the exchanges). Some gambiteers will succeed, others will be caught.

      I think you are seriously underestimating the white hats here: JUST working with bitcoin transaction history one can apply all sorts of graph analysis, forensic accounting, etc., much of it automated. THEN think about all the externalities that can be investigated: your phone records, your browsing history, a GPS tracker on your car, your FaceBook page, etc. THEN think about the laws that will be passed to give law enforcement more visibility into bitcoin exchanges. THEN think about what unknown technical attacks might be used to augment the transaction history (one wild idea: if the government ran a lot of their own P2P nodes, perhaps they could record the timing and IP addresses of block confirmations and infer something about the geographic origin of the buyer?). THEN think about all the other tactics that can be used that apply to ALL drug busts and money-laundering crackdowns (like informants and stakeouts).

      Of course, the criminal underground has tactics too. And both sides have limitations of costs, time, manpower, and natural interest. My point is that it gets complex quickly, and police aren't limited to knowing what an algorithm can know. Transaction histories--even those between the pseudo-anonymous nodes in the big bitcoin graph--will be a powerful investigative tool.

      --
      -1, Too Many Layers Of Abstraction
  2. Re:Refund how? by GameboyRMH · · Score: 2

    They'll have to generate/acquire new ones at their own expense, that's for sure.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  3. This whole digital currency thing by kiriath · · Score: 5, Insightful

    Gives me the willies...

    Of course it's not much different than paper currency I suppose, it's all make-believe anyway.

  4. Re:refund from where? by Wonko the Sane · · Score: 3, Insightful

    They can't dilute the currency. The only way they can replace the coins is to earn them via business profits.

  5. And... by Anonymous Coward · · Score: 5, Funny

    Nothing of value was gained.

  6. Re:refund from where? by gl4ss · · Score: 2

    Out of whose pocket come these bitcoins? Or are they just changing users' balances, thus diluting the currency?

    That would be extremely interesting to know, since apparently the theft is way beyond his own means of paying. Also, it's worth noting that he initially sat on people's real money too.

    the actual article says though that he _intends_ to pay back.

    --
    world was created 5 seconds before this post as it is.
  7. Re:Refund how? by Wonko the Sane · · Score: 5, Informative

    They are going to resume operation and earn money via trading fees. Assuming they get enough volume, the profits will eventually be able to repay the depositors.

    In other words they will try to earn their way out of insolvency.

  8. Trust exchanges? Nope. by magic maverick · · Score: 2

    I don't know why anyone would trust exchanges or online wallets. At this time they aren't really regulated, and surely don't have insurance. It's too much of a risk. Instead, keep all your bitcoins in a wallet (an encrypted one of course) on your own computer. And make sure you have a backup, 'cause backups are important.

    If you are really paranoid, you have an offline wallet that is only on a USB stick or similar, and keep just a few coins in your 'online' (on your computer) wallet. But never keep any more than what you need to pay off in a real online account. Sort of like Paypal, you only keep the minimum in there (or not use Paypal at all, 'cause they are slimy bastards).

    --
    HELP MY ACCOUNT HAS BEEN HACKED BY AN ILLIBERAL ART STUDENT SET TO DESTROY THE INTERWEBZ!
    1. Re:Trust exchanges? Nope. by GameboyRMH · · Score: 3, Insightful

      Or better yet just avoid keeping your money in Bitcoins since the value of them could crash hard at any time as has happened numerous times in the past.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    2. Re:Trust exchanges? Nope. by GameboyRMH · · Score: 2

      If there were no BitCoins and physical money had to be used, the hackers could have set up a "dead man's switch" system that would release the info if the hackers didn't intervene and told this to Romney. That way setting a trap would be self-defeating. Send in an anonymously-contacted intermediary with a wire to do the physical collection for a cut.

      You can't really do this with a kidnapping though so maybe it could make kidnapping easier...

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    3. Re:Trust exchanges? Nope. by timeOday · · Score: 2

      The answer is yes. The reason we don't have government-backed digital cash is because currency that is not inherently traceable makes it harder to regulate trade, and some trade is illegal. Same reason they stopped making large-denomination paper currency - it's most useful to dictators and drug dealers. And also for under-the-table (or "underground economy") business that would otherwise be legal except it can't be regulated and taxed. And before you start, no, I'm not saying cash or digital cash should be outlawed. But it certainly raises some tough issues.

  9. But how? by scorp1us · · Score: 4, Insightful

    It's not like *real* money that you can just print out of thin air.

    You've got to come up with that somehow, and at $10 (so I don't need a calculator) that's $240,000 you've got to come up with. That's a lot of mining or fees at $0.10 each. That's hard to make up with a low volume of trades.

    --
    Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
  10. Re:Refund how? by nedlohs · · Score: 4, Interesting

    If they didn't contract to refund in such cases then they aren't insolvent since there is no obligation to repay. If they did then if the terms for repaying are long enough in the contract they probably aren't insolvent either (you are allowed to carry debt without that automatically making you insolvent). If they do have such a contract but the penalties for breaking it are small enough or allowed to be paid over a long enough term then the same thing applies as above - you are allowed to have debt.

    So what information leads you to conclude they are insolvent?

  11. Re:Refund how? by WolfWithoutAClause · · Score: 2

    They're only insolvent at the point that debtors can legally demand the money and they're incapable of paying.

    --
    -WolfWithoutAClause
    "Gravity is only a theory, not a fact!"
  12. Re:Refund how? by gl4ss · · Score: 2

    If they didn't contract to refund in such cases then they aren't insolvent since there is no obligation to repay. If they did then if the terms for repaying are long enough in the contract they probably aren't insolvent either (you are allowed to carry debt without that automatically making you insolvent). If they do have such a contract but the penalties for breaking it are small enough or allowed to be paid over a long enough term then the same thing applies as above - you are allowed to have debt.

    So what information leads you to conclude they are insolvent?

    They would be insolvent if someone asked for the money.
    Oh, and someone did ask and he didn't pay. They (him) are insolvent because by their own words they don't have the money to pay back.

    last time some numbers were thrown about the normal profits for bitfloor would take many years to cover up the losses.

    this article didn't cover if he paid back the real money people had sitting in the system either.. that was/is a big issue. when it hit he basically just froze everything.

    --
    world was created 5 seconds before this post as it is.
  13. Re:Man by Anonymous Coward · · Score: 2, Interesting

    RTFA and you'll see that Roman took full responsibility for a huge security mistake that should never have occurred. How many banking executives at Goldman Sachs, Lehman Brothers, Chase, BofA, CitiBank or Wells Fargo have done anything like that? There are many ways to properly secure a bitcoin exchange, but even the biggest (Mt. Gox) was hacked last year, and the community learned a great deal from that experience. Gox did NOT go out of business and in fact, the exchange rate of BTC has skyrocketed from $2.30 the day of the worst crash to $12.46 today. Clearly, there are plenty of people who still have confidence in the market and the Bitcoin project. Poorly managed exchanges like Bitcoinica failed to implement proper security measures and crashed miserably. I'll give Roman credit for addressing the problem directly at the London Bitcoin conference and promising to return all deposits to his customers, but I'm not sure I would use his services until he fulfills that promise. He must have enough patient investors to absorb the loss (and to be fair, $240,000 isn't all that much money in the business world), so I won't count him out just yet.

    Perhaps some exchanges DO need deposit insurance, but that kind of service won't come from the financial industry. Bitcoin is a rebellion AGAINST that industry; the project needs to mature a bit more so that such a mechanism can be developed, just like new merchant tools are coming out every month or so (e.g., http://bitpay.com). I'm an early adopter because my faith in the current financial system has been completely destroyed, and I'm excited to see geeks taking ownership of the problem and developing an amazing new cryptographically secure structure to address the issue. Bitcoin will never be a clone of the existing currency system because it is an evolutionary step beyond the corrupt and badly broken system that has failed us.

  14. Re:Refund how? by brokenin2 · · Score: 4, Informative

    No one can make any more bitcoins than the pre-defined scheduled amount, and no one can guarantee that they're able to make them for themselves.. It takes a lot of (computer) work, and a bit of luck.. You basically buy lottery tickets to winning newly created money by agreeing to do work to process transactions.. That's not exactly right, but it'll get you a lot closer to understanding the system than where you're clearly at..

  15. Re:Refund how? by nedlohs · · Score: 2

    Only if he has an agreement to pay them money. It's a bitcoin thing, that people would hand over their coins with no agreement for them to be returned doesn't seem that unlikely.

    I can ask you for $50 billion, that doesn't make you insolvent. I could ask a bank to return the $5000 I put in a term deposit; if the term hasn't expired they cannot pay me back without being insolvent.

    As I said it all depends on the contracts in place.

  16. Re:Refund how? by Richy_T · · Score: 2

    They left a large amount of bitcoins in an unencrypted wallet (to my understanding). What makes you think they'd have that level of sophistication in their contract?