A Look At The Most Popular Bitcoin Exchanges
4 stars based on
76 reviews
Bitfinex, one of the withdraw bitcoin from cryptsy Bitcoin exchanges, was hacked, leading to the loss ofbitcoins. So, stealing money from Bitcoin banks is where the action is withdraw bitcoin from cryptsy. Some people have claimed that this is the first big Bitcoin theft in a year and a half. Earlier this year, Shapeshift was hacked, and slightly earlier than that, Cryptsy.
And of course, Mt. And Poloniex and countless others. The list of major Bitcoin heists is far too long to recount here. Clearly, the default, low-energy state of any Bitcoin exchange is a drained, deflated shell, a graveyard of dreams, a sad reminder to the fallibility and insecurity of our computing infrastructure.
It's not that there is anything special about Bitcoin -- we've seen that banks, even central banks, are just as hackable. But whereas regular banks can trace the funds and undo transactions, the irreversibility of Bitcoin makes Bitcoin exchanges lucrative, soft targets. The resulting withdraw bitcoin from cryptsy, such as this one from an individual who lost his entire life savings for the last 12 years withdraw bitcoin from cryptsy, are heart breaking.
It's too early for a coherent story to emerge from the smoldering ashes of the Bitfinex disaster. There will undoubtedly be some people who will blame government regulations, because the US government did interfere with, fine, and modify the operations of Bitfinex. But as far as I can tell, the government's touch was incredibly gentle. Second, they made sure that Bitfinex kept its funds not in a master omnibus account, but in multisig accounts for each individual registered with bitfinex.
Essentially, the regulators wanted to see that the coins were delivered to individuals, as opposed to held in one giant pool. This little accounting twist was all that was required to satisfy the regulators, who generally seem clueless and out of the picture as far as security measures go. All the withdraw bitcoin from cryptsy decisions about protecting the private keys, then, rest with Bitfinex.
To their credit, Bitfinex did move to multisig accounts protected by BitGo, where they hold their users' private keys, and require confirmation a second signature from BitGo to move the funds. If one had to take a blind guessone would suspect that the hacker obtained the private keys held by Bitfinex, coupled with API access to BitGo to instruct Withdraw bitcoin from cryptsy to sign the withdrawals.
Additional trickery would probably be required to circumvent BitGo's daily withdrawal limits. The nice thing about robbing a Bitcoin exchange is that it is fairly clean.
You don't need to look stupid in a pair of stockings on your head, carry a gun, or furnish a burlap sack to rob these modern fancy banks. And you do not need to take hostages, shoot guards, or jump out of an airplane over Withdraw bitcoin from cryptsy Washington in a business suit.
The gig is so easy, script kiddies can keep tabs on new attacks on security mailing lists as they emerge, and simply launch the latest attack from a dorm room.
And of course, the groups of hackers employed by state-level actors of which, there are thousands, operating with a License to Hack can do this on their lunch break just to keep warm, if not to finance wild parties. The fact that Bitcoin is irreversible is absolutely crucial for its target use case: So Bitcoin cannot ever ever ever fork, lest it lose its special, hard-earned reputation for facilitating the Dark Web. One option, suggested by a Bitcoin developer, is to try a soft-fork, wherein miners block the thief from moving the funds and allow Bitfinex to double-spend the coinsreorganizing the blockchain to make the heist not happen.
This is contemplatable solely because Bitcoin mining is so centralized right now. But the idea doesn't hold water, as the math favors the thief by a long shot. Yes, it's true that Bitcoin miners control which transactions make it onto the blockchain, and yes, one can bribe them to reorganize the chain. But the thief can bribe the miners more, as he does not need to pay for retroactive reorganization of the blockchain.
In the limit, the funds from the heist would be split between the miners and withdraw bitcoin from cryptsy thief. Another option is to bargain with the hacker.
This conversation necessarily has to take place withdraw bitcoin from cryptsy public, over social media, leading to an embarassing, cringeworthy discussion that seems like the third stage of grief.
If nothing else, it's bad optics. It's silly to try to negotiate with someone when you have absolutely no power at all. And the last time a hacker was offered a deal like this, he was ultimately prosecuted anyway. Perhaps what is needed here is a scheme that does not break Bitcoin's all-too-critical irreversibility when dealing with strangers, but allows someone to take back his funds in the event of a hack.
How might such a scheme work? It seems almost in fundamental conflict. There is no definition for a "hack," so an withdraw bitcoin from cryptsy undo mechanism will certainly break irreversibility. Suppose I designate some of my funds as being in a specially-marked cold storage account, or, let's call them vaults. To pay for things, I need to move them out of my vault to a regular wallet, a process which takes, say, a day.
Merchants never accept payments directly from vaults; they use regular Bitcoin addresses, and payments work in the regular, irreversible fashion. But the special thing about vaults is that they come with two keys. One key is used to unlock the vault and move your withdraw bitcoin from cryptsy to a regular wallet. The other one, called a recovery key, is used when you notice that your funds were hacked and moved out of the vault by a hacker.
You can then use your recovery key to undo the hack -- you have 24 hours to notice and launch the recovery and get back all the funds. Notice that you cannot fool a merchant with this trick and revert a withdraw bitcoin from cryptsy transaction. All you can do is take back your own money from someone who is trying to steal it. If I may say so myself, it's a pretty ingenious scheme. It's almost like someone ought to work on it. It turns out that someone did.
That someone is Malte Moeser, Ittay Eyal and myself. Our paper appeared in the peer reviewed Bitcoin workshop last February, and we discussed it here and expanded on it here. But the Bitcoin world was so caught up in the neverending blocksize debate that there was almost no discussion around the vault idea. The various roadmaps from different groups focused solely on scaling, the perceived Achilles heel of Bitcoin. Well, little known fact is that Achilles had two heelswithdraw bitcoin from cryptsy so does Bitcoin: The vaults address the latter, and they do so in a way that's pretty definitive, and congruent with the use cases for Bitcoin.
Further, the nice thing about vaults, of course, is that they work even if the theft resulted from an exit scam or insider attack. In fact, they make them less likely.
So, I wish the best to the folks who lost their funds at Bitfinex. Hope we do not have to see another major Bitcoin exchange failure before we see security measures deployed for Bitcoin. Hacker and professor at Cornell, with interests that span distributed systems, OSes and networking. In Context Some people have claimed that this is the first big Bitcoin theft in a year and a half.
Root Cause It's too early for a coherent story to emerge from the smoldering ashes of the Bitfinex disaster. What Can Be Done It almost seems as if something should be done. A Real Solution Perhaps what is needed here is a scheme that does not break Bitcoin's all-too-critical irreversibility when dealing with strangers, but allows someone to take back his funds in the event of a hack.
But there withdraw bitcoin from cryptsy actually a solution. Here is what it might withdraw bitcoin from cryptsy like.
