We spoke to Andreas M. Antonopoulos, Bitcoin Entrepreneur and security systems expert regarding the current Bitcoin transaction malleability problem.
Are Mt. Gox trying to pass the blame onto the Bitcoin Developers? Will this cause irreversible damage to the currency ?
Mt. Gox was relying on an incorrect implementation, it appears other exchanges were also relying on incorrect implementations. These incorrect implementations were susceptible to confusion by relying on transaction hashes for *unconfirmed transactions* which cannot be and should not be relied on. Many other exchanges and services, including the one I work as CSO (blockchain.info) had a correct implementation and were therefore not affected by the known issue of transaction malleability.
The issue was known since 2011, and Gox was warned not to rely on transaction hashes that this was not the best practice and could lead to problems.
Their attempt to blame the bitcoin software was grossly irresponsible. In the end it will further discredit Gox and reveal their management incompetence. Gox is now a minority exchange that has repeatedly suffered issues related to poor quality control in their software development methodology and has compounded these issues with bad communication and attempts to shift the blame elsewhere.
They represent less than 20% of the exchange volume and after their most recent problems and subsequent communications, they will likely lose more customers. Meanwhile, bitcoin remains unaffected. No transactions were falsified, the network continues to operate normally, and the authoritative ledger contains a correct record of transactions. If Gox had used the authoritative ledger as their reference instead of relying on an unreliable identifier, they would not have been defrauded by customers or had to suspend withdrawals.
In other words, Gox was sloppy, then they blamed someone else. Then they were rightly corrected by several well informed participants and many of the core developers.
Today we are seeing malicious actors trying to flood the bitcoin network with such malformed transactions in an effort to find other exchanges with similar implementation errors.
Some exchanges have temporarily suspended withdrawals in order to ensure they can process everything accurately. It’s like a retail customer showing up at a customer service desk with a photoshopped receipt and trying to get a refund. Mt. Gox was fooled because they didn’t check the receipts against the blockchain.
Others are not fooled, but today they saw a flood of such attempts, as if retail shoppers showing up with shoeboxes of falsified receipts hoping to cash in on this problem. These other exchanges are now dealing with a flood of these which is delaying legitimate withdrawals and some suspended withdrawals in order to check their implementations
In about a week I expect all the exchanges will have robust and correct implementations, as the network has now been stress-tested. Some will resume quickly, Gox might take a bit longer to resume. In the end, the entire industry will be more resilient.