Over the weekend MtGox went offline for several hours and it took the noted bitcoin exchange almost a day and a half to reach out to customers with a press release explaining what happened. This has followed an announcement from MtGox that it had halted all bitcoin withdrawals from the site. This news has since triggered a massive drop in market value.
Today, MtGox spoke out in a press release explaining the outage and the reasons for the withdrawal freeze:
As you are aware, the MtGox team has been working hard to address an issue with the way that bitcoin withdrawals are processed. By “bitcoin withdrawal” we are referring to transactions from a MtGox bitcoin wallet to an external bitcoin address. Bitcoin transactions to any MtGox bitcoin address, and currency withdrawals (Yen, Euro, etc) are not affected by this issue.
The problem we have identified is not limited to MtGox, and affects all transactions where Bitcoins are being sent to a third party. We believe that the changes required for addressing this issue will be positive over the long term for the whole community. As a result we took the necessary action of suspending bitcoin withdrawals until this technical issue has been resolved.
In the Bitcoin ecology, MtGox is the exchange of note, but it’s also essentially one of the first—as such it’s resting on a foundation that was built while Bitcoin was even younger than it is now. This fact seems to be the driving factor behind what’s been happing to the exchange: the underlying infrastructure is similar to an old house with bad wiring and poor plumbing. In fact, Andreas Antonopoulos, CTO of Blockchain.info, has been quoted as describing MtGox’s code as “hodgepodge of technologies that are really not suitable for running an exchange.”
In a recent interview with Cryptocoins News, Greg Maxwell, Bitcoin core developer, described the announcement from MtGox as “a little bit ‘spun.’” The issue MtGox cites as the reason for the withdrawal freeze is related to an issue in the Bitcoin system that has been inherent and known since 2011.
Oh there is a “problem” in the Bitcoin protocol, known since at least 2011 (see the link I gave). But for normal applications, not involving unconfirmed transactions, it shouldn’t cause any severe problems because wallets can handle it locally.
Basically, third parties can change the transaction IDs of transactions. This means what wallet software must be written to accommodate that and still recognize them when that happens.
What the press release talks about is adding a second kind of transaction ID, which is robust against changes, which would be helpful for tech support purposes. Though it doesn’t resolve all of the issues that being able to modify transactions presents.
Even with this apparent fault in the Bitcoin protocol, it and the workarounds to prevent it from being a problem have been known since 2011. As Maxwell even points out during the interview it’s even cited on the Bitcoin Wiki. According to Maxwell, the onus is certainly on exchanges to write their own software to handle the malleable transaction ID—making this problem solidly bad coding on MtGox’s part and not a fatal flaw inherent in the Bitcoin protocol.
Maxwell focuses on the factors developed in code to cope with this characteristic of the Bitcoin protocol and chides MtGox for not implementing their system appropriately. For a protocol effect that’s been known since 2011 this does not look very good for MtGox’s aging system.
MtGox technical ineptitude led to withdrawal freeze, PR nightmare leads to market decline
MtGox’s press release and the responses from Bitcoin Core developers does not shed a very good light on MtGox’s response to the problem. Right now, to the outside viewer it’s a sort of blame-game going around but as, Maxwell has noted, the flaw and solutions to it have been known for some time.
By proceeding with a bitcoin withdrawal freeze (with little explanation) and then the weekend outage of the exchange (followed by a day with little acknowledgement to the public) MtGox is producing the perfect storm of public relations uproar. Now that the company has finally come forward with the reasons for the bitcoin withdrawal freeze the blame falls flat.
In the wake of this, the Bitcoin market has dropped significantly. The withdrawal freeze even prompted Bitcoinaverage.com to remove MtGox from the global average calculation—the citation for MtGox is “withdrawals blocked.”
It is important that MtGox is working with the Bitcoin core developers, but making the press release about fixing a minor flaw in the transaction ID system that code can cope with isn’t going to help matters. Every system has flaws, and some of those flaws are insurmountable, but this one seems as if MtGox could have reached out to the core developers earlier for a solution.