[mikecke]

Commentary from my part:

Bitfinex uses BitGo for multi-signature (MultiSig) transactions. 2-of-3 signatures must be present for user funds to be released.

Keys present:

- Offline key held by Bitfinex

- Online key held by Bitfinex to initiate user withdrawals

- Online key held by BitGo to confirm user withdrawals are within constrained limits in a set timeframe

zanetackett, Product Development of Bitfinex, confirmed that Bitfinex's offline key was not compromised. The attack was also not internal [1]. Another set of comments also suggested that BitGo limits were set in place by Bitfinex [2-3].

The automatic limits are designed to constrain BitGo from signing any transaction from Bitfinex that are irregular in volume or exceed a set amount in any rolling timeframe. Somehow they were bypassed. What we have currently suggests that the limits were too large or that BitGo was not enforcing the limits. BitGo and Bitfinex are also separate established entities, so that both of them being compromised for this attack is unlikely. An improper setup between Bitfinex and BitGo is more likely.

[1]: https://www.reddit.com/r/Bitcoin/comments/4vtuxo/bitfinex_se...

[2]: https://www.reddit.com/r/Bitcoin/comments/4vupa6/p2shinfo_sh...

[3]: https://www.reddit.com/r/Bitcoin/comments/4vtuxo/bitfinex_se...

[Eliezer]

Somebody, one of these days, should design a cryptocurrency whose point is just to NOT get stolen.

[patio11]

I can't believe I'm saying this but: this is not a Bitcoin problem, per se. This is a Bitcoin exchange problem. (Bitcoin has many security problems, in the same way that an overweight smoker has many health problems, but that doesn't mean that smoking caused the gunshot wound.)

It's possible to have customer balances of $60 million and not lose them. Thousands of businesses manage this. They suffer $5+ million dollars of damages in less than 0.1% of business-years. (SWAG on a reasonable upper bound-- ask an actuary. This is an insurable risk.) Bitcoin exchanges with this level of deposits sustain $5+ million dollars of damages 20%+ of exchange-years.

Running Bitcoin exchange probably requires $10 million a year in engineering and compliance costs, and consequential changes to the business model with an eye towards a) paying for the actual costs of running the business and b) compromising on other things that users/investors care about, like speed of withdraw, degree of engagement with the regulatory state, and growth rate. Instead of making that tradeoff, Bitcoin businesses continue trying to grow at 100%+ YOY on four, five, or six digit risk budgets. And this works... until it doesn't.

"How do we not transfer substantially all of our assets to fraudsters?" would be an acceptable job interview question at the Medici bank in the early 15th century. It was a solved problem then.

[legulere]

It's as much of a Bitcoin problem as the ethereum DAO hack is a ethereum problem. In a normal banking system you just roll back the transaction, which often is possible. In Bitcoin, what's gone is gone.

[syngrog66]

>In Bitcoin, what's gone is gone.

that's true with US cash too. the problem with some of these exchanges is that they essentially have these buildings with $50M+ cash sitting inside them, but they are NOT also running bank vault level security, quality-wise, to protect that stash. some are better than others, but it makes sense that the worst of them will be run by underqualified people.

I've had the opportunity to look/study behind the scenes at a few major Bitcoin websites, early on, and... let's just say you never wanted to learn how the sausage in the sausage factory gets made. "This PHP kinda works on my box... Let's ship!"

[celticninja]

Also the attackers have plenty of time to snoop, wait and watch for an opening. If you were breaking into a real bank then hanging around drilling or whatever is very noticeable and limits your options. I assume they are always scanning for unauthorised access but it only takes one chink and they are very attractive prospects for hackers so the motivation is there.

[celticninja]

It is a common misconception that bank transfers can easily be rolled back. In the main if it was fraudulent then the bank compensates you, they take the hit. Some times however they will say it was user fault and you take the hit. I was amazed when I found out that after perhaps 2 transfers it is impossible to get back, larger sums may be more easily (or the bank more motivated to) traced but returning the funds is not always possible.

[ryporter]

Normal banking systems can have the same problem when they, too, have lax security. Witness the $100 million heist from the Bangladesh account at the NY Fed.

http://finance.yahoo.com/news/hackers-steal--100-million-fro...

[nickpsecurity]

That the Bangladesh example is the common counterpoint despite tons of banks and money in US unaffected really supports parent's claim. You had go to to a 3rd world country whose banks had little to no security to make average bank look as bad or worse than Bitcoin exchanges. Doesn't work that way.

[erikpukinskis]

The quote was "normal banks can", not "average banks do at the same rate or worse". The point is that the same challenge exists with physical banks, it's just been solved better because they have had more time to develop the security protocols.

[ryporter]

The NY Fed is in New York.

[xorcist]

Bitcoin has problems, but let's not pretend the normal banking system is unhackable, or even possible to roll back. One group did at least four thefts via SWIFT this year using RAT tools in banks, the largest of which netted $80M. Nothing rolled back, no one caught.

[Ntrails]

The important part is that the money lost was the Banks (or the insurance companies - it's unclear). $80m is not chump change, but it also isn't a catastrophic loss which gets passed on to savers.

Of course, understanding the difference between an exchange and a bank is worthwhile - but these guys getting rinsed repeatedly and taking out user wallets is a problem that can't be waved away.

[sievebrain]

Not quite true. The gang that struck Bangladesh attempted to steal a cool billion dollars. After subtracting the transactions that were caught during manual review at other institutions and the transactions that were rolled back, they 'only' got $80 million. Still a lot but it could have been much worse.

[gozur88]

Thieves know there's a possibility the transaction can be cancelled, which is why they tend to strike on Friday afternoon. By the time the theft is discovered the destination account has already been drained.

[LaurentVB]

Do you have a source to know more about this hack?

[DavideNL]

yea well, 'cash' has the same problem, steal cash and it's gone, you can't rollback anything...

[pjc50]

> Bitcoin exchanges with this level of deposits sustain $5+ million dollars of damages 20%+ of exchange-years.

> Running Bitcoin exchange probably requires $10 million a year in engineering and compliance costs

Well, that looks like it's much cheaper to just wing it and take the damages. So that's what the free market will do.

[DennisP]

Here's an article by some cryptocurrency researchers, about a proposed anti-theft extension to Bitcoin: http://hackingdistributed.com/2016/02/26/how-to-implement-se...

The same scheme can be implemented as a one-page smart contract on Ethereum: http://www.blunderingcode.com/ether-vaults/

Of course Ethereum had its own giant theft, but that was from a convoluted, poorly-written, and much larger contract. There are ways to avoid the sorts of vulnerabilities that were exploited there: http://www.blunderingcode.com/writing-secure-solidity/

Probably other vulnerabilities will be discovered. But I think simple contracts that secure ether with multiple keys, timelocking, and so on are a pretty good solution for anyone just storing and sending ether. They're also starting to incorporate formal verification of contracts; the online Solidity compiler includes it now, though it doesn't yet support all Solidity features.

[isho]

Bitcoin's security model is fundamentally different from more traditional money transfer system. Security is distributed pushing responsibility to the edges. Individual users must secure their own keys but only those funds are at risk if those keys are compromised.

By forcing Bitcoin into a central clearing house model like most of these exchanges are doing you arguably have the worst security properties of both models.

[biggerfisch]

Has it been verified that BitGo's key was not simply compromised? As unlikely as it may be that both online keys could be compromised, it certainly seems that it could have happened (perhaps while it was not internal to bitfinex, it could have been internal to BitGo?)

[berberous]

>Who is to blame for this hack, finex, bitgo, users? >>>We're still investigating the hack to figure out exactly how we were compromised, but it does look like it's on us.

Source: https://www.reddit.com/r/Bitcoin/comments/4vtuxo/bitfinex_se...

[mikecke]

If BitGo was compromised, 1 of the 2 remaining keys still must be used to sign the transaction. BitGo has no access without either of the 2 keys that Bitfinex controls.

[biggerfisch]

Sorry, wasn't clear. I assumed it was obvious that bitfinex's online key was also compromised, no matter what happened with BitGo, whether their key(s) were stolen or if their api was abused.