MtGox's "Transaction Malleability" Claim Dismissed By Researchers

Martin S. (98249) writes "The Register reports on a paper at the arXiv (abstract below) by Christian Decker and Roger Wattenhofer analyzing a year's worth of Bitcoin activity to reach the conclusion that MtGox's claims of losing their bitcoins because of the transaction malleability bug are untrue. The Abstract claims: 'In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. ... In this work we use traces of the Bitcoin network for over a year preceding the filing to show that, while the problem is real, there was no widespread use of malleability attacks before the closure of MtGox.'" Quoting El Reg: "By extracting transaction keys from the transaction set, the researchers say, they were able to identify more than 35,000 transaction conflicts and more than 29,000 “confirmed attacks” covering more than 300,000 Bitcoins." And less than 6000 were actually successful.

The scam unravels

[NotDrWho]

The MtGox guys better get on a plane and head for their secret island.

Re:The scam unravels

[gstoddart]

I wonder how this plays into this bit coins they mysteriously found in another wallet later that they said they'd give the refunds from.

Either this was a scam all along, or these guys really dropped the ball.

And if the researchers are saying their explanation doesn't hold water, it's increasingly hard to believe them.

Dear slashdot,

[Orgasmatron]

This paper has already been widely dismissed by the bitcoin community. Not that we necessarily think that Mtgox was actually hit by a malleability attack. Just that this paper is nonsense.

The very short version is that what these "researchers" were looking at isn't actually how the alleged bug would have worked.

Re:Dear slashdot,

[kasperd]

Just that this paper is nonsense.

Care to answer a few questions then?

• How did the transactions found by these researches happen, if not by a malleability attack?
• If a malleability attack would not result in transactions looking like what was found by these researchers, then what would it look like?
• What is the explanation for the spike found just after the announcement, if that was not due to copy-cats attempting malleability attacks?

Re:As it was weeks ago...

[jythie]

Yeah, but it is still kinda cool to see people dissect exactly how it happens or how claims are untrue. Suspecting and knowing are two very different things.

Re:Money and marijuana don't mix

[Collective+0-0009]

I'd trust a pot head over a money-grubbing corporate overlord. I have personally worked with the type of psychos that run a lot of companies. They are completely immoral. They often cannot even see their lack of integrity as they have rationalized their decisions long ago. They surround themselves with those that won't rock the boat; "yes men/women". And it's so easy to fall into when you are on top... nobody cares that the emperor has no clothes as long as they get the bonus and raise.

Remember that commercial where they gave some poor dude 100k and asked him to watch it. Pot smokers don't steal it. Asshole libertarian, free market loving, usually conservative pricks steal*.

So you keep the c-levels of ING, Chase, etc. I'll take The Dude any day.

* = I am sorta libertarian, like the free market, and agree with some moderate conservatives. But it seems the psychos all LOVE these things and use them as the basis for their rationalizations.

Re:As it was weeks ago...

[BourneTolouse]

I don't know what prompted the Red Cross comment, but is is easy enough to check through Charity Navigator. The Red Cross spends 4% on administration and 5.1% on fund raising; the rest goes to programs.