View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
February 25, 2014updated 22 Sep 2016 11:08am

Mt. Gox flaw ‘not fatal’ for Bitcoin

But Elliptic Vault co-founder admits the Bitcoin exchange’s alleged loss of $350m could delay mass acceptance.

By Joe Curtis

The closure of the world’s biggest Bitcoin exchange after an apparent loss of $350m will not damage the cryptocurrency in the long term, an expert believes.

Mt. Gox was today pulled offline for at least a month after the discovery that hackers had taken advantage of a flaw to steal 744,408 bitcoins from people’s digital wallets, according to an apparent leaked document.

The lost coins amount to around 6% of the overall 12.4m bitcoins currently in circulation, and the news has rocked the Bitcoin community, precipitating a drop in the total value of the digital currency from its January-high of $14.5bn to just $6.9bn.

But the co-founder of Elliptic Vault, the world’s first insured cold storage service for Bitcoin, insisted the cryptocurrency will recover.

"In the long term I don’t think it’s damaging at all," Tom Robinson told CBR. "It’s one business that’s lost customer funds. It’s just coincidence that it happens to be a Bitcoin company."

Mt Gox CEO Mark Karpeles is set to step down from the exchange, after admitting earlier this month that his company had failed to keep up with the pace of Bitcoin code updates.

Critics of the exchange say the problem is not with the Bitcoin code, but in Mt Gox’s implementation of it.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The problem, known as a ‘transaction malleability‘, allows a third party to alter the hash of a transaction (a hash confirms a transaction was completed legitimately).

This means that a thief could request to withdraw his or her money from an exchange, but alter the hash of the transaction before it is recorded on the blockchain, a virtual ledger recording all Bitcoin transactions.

By altering it, the transaction appears as if it is another one entirely, meaning the thief can then prompt the exchange to send the money again by claiming there is no record of the money going through, thereby gaining twice the amount.

The Bitcoin Foundation fixed the bug in an update to the protocol, but critics claim Mt. Gox failed to implement the update.

The flaw’s impact comes at a time when the HMRC is considering how to tax Bitcoin, and Robinson conceded that the news may harm the cryptocurrency’s chances of mass adoption.

"It will delay widespread acceptance of Bitcoin," he said. "But in the long term [Bitcoin] has a lot of advantages.

"We will see a lot more flow of VC money into Bitcoin businesses and that will strengthen it so something like this can never happen again."

Robinson is one of eight British Bitcoin community representatives in discussions with the taxman over how it will classify the digital medium of exchange, and told CBR they will meet again with HMRC next week.

"We’re very pro-regulation," he said. "If anything this makes it even more clear that regulation would be good.

"The first step in regulating it is classifying it. Ideally it would be the same as any other currency but that’s a big ask."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.