Wait a Second. I Thought Bitcoins Were Unstealable?

Fight disinformation. Get a daily recap of the facts that matter. Sign up for the free Mother Jones newsletter.

I don’t really care about Bitcoin—really I don’t—but I guess I’m curious about something. How is that cyber thieves were able to steal a million bitcoins from Mt. Gox? I understand that Mt. Gox had inadequate security, but I thought the whole point of bitcoin was that it was protected by its very nature: every transaction is stored in a block chain; the block chains are mirrored by thousands of bitcoin miners; and you can’t screw with the block chains unless you apply galactic amounts of computing power. So even if you managed to steal some bitcoins, you couldn’t get anyone else to accept them unless you could demonstrate proper chain of custody, so to speak. Since this is more or less impossible, all the stolen bitcoins are of no use to anyone.

Obviously I’m missing something fundamental here, since I assume thieves don’t bother taking stuff they can never use. And yes, this is just academic interest in the deep geekery behind bitcoin. But can anyone point me to an explainer that tells me exactly how a theft like this could be successfully pulled off?

UPDATE: Judging from some links in comments, apparently the problem is that Mt. Gox had a bug in their software that allowed thieves to create seemingly legitimate transaction changes which were propagated throughout the block chains. There is a known problem with the bitcoin protocol that allows this, and Mt. Gox didn’t properly protect against it:

Many exchanges use the Transaction ID to uniquely identify transactions, but as it turns out, an attacker can change the Transaction ID without changing the actual transaction, rebroadcast the changed transaction (effectively creating a double-spend) and if his altered transaction gets accepted into a block instead of the legit transaction, the attacker receives his coins and can complain with the exchange that he didn’t. The exchange will then check their database, fetch the Transaction ID from it, look it up in the blockchain and not find it. So they could conclude that the transaction indeed failed and credit the account with the coins. … A simple workaround is to not use the Transaction ID to identify transactions on the exchange side, but the (amount, address, timestamp) instead.

I don’t know that I actually understand this, but then again, I’m not sure I want to. In any case, apparently it’s a known bug that Mt. Gox should have handled in its internal software. But they didn’t.

UPDATE 2: Emin Gün Sirer, who sure sounds like he knows what he’s talking about, says that the problem above, known as “transaction malleability,” is almost certainly not behind the Mt. Gox theft. Nor was it lost keys, hackers, web server problems, or US spooks.

So what was it? He doesn’t know. He concludes with this: “Chances are that this is a simple case of theft, involving at least one insider.” So I guess we still have to wait and see.

We Recommend


Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.


Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.