Demise of Mt Gox exposes the shaky foundations of Bitcoin


The Mt Gox Bitcoin exchange, the most high-profile market for the online currency, has suspended trading on its systems. It shut down on 24 February after noticing “unusual activity” and is yet to reopen.

Reports suggest that Mt Gox failed to notice a sustained hack that has cost it hundreds of millions of dollars worth of Bitcoin, meaning that up to 6% of the Bitcoins in circulation have been stolen. It looks like exchange may have suffered a loss that has rendered it insolvent. It’s not the first incident Mt Gox has reported, and over the past few weeks there have a number of reports of cyber-security problems that have dented users’ faith in the ability of online exchanges to hold their cyber-currency.

The news has been seen as such a serious issue that other exchanges have rapidly sought to distance themselves from Mt Gox. Far from rallying round to support a fellow exchange, a group including Coinbase and BTC China has issued a joint statement lamenting the “trust squandered by the failings of Mt Gox”. The group is seeking to remind Bitcoin owners that “there are hundreds of trustworthy and responsible companies involved in Bitcoin” and urges them not to see Mt Gox’s failings as reflecting weakness in the Bitcoin currency itself.

But the sorry tale has left many wondering whether this new currency and those who handle it on our behalf can be trusted. And trust is paramount for the success of a cyber-currency that has no central monetary authority to protect it.

Recent incidents have highlighted one particular issue in the technical nature of Bitcoin: transaction malleability. This arises from the fact that not everything in a Bitcoin transaction is encrypted. Imagine you write a cheque and take a picture of the cheque to prove you wrote it. That picture is recorded in a ledger so that if the recipient disputes being paid you can show everyone the picture as proof that you wrote them a cheque. But now suppose the recipient were able to alter the cheque, take their own picture of it and lodge it in the ledger. When your picture and the recipient’s picture are compared, they don’t match. You might be obliged to write another cheque, and another, and another, even though each cheque is valid and can be cashed.

This is essentially how people have been able to make repeated withdrawals from some Bitcoin exchanges, even though this issue was first raised in 2009 and options have since emerged to prevent users from doing it.

And there’s the rub. Crypto-currencies are complex structures, both technically and financially. Yet in the case of Bitcoin, there is no central bank to step in to protect the currency. If it suffers a failure, be it technical or economic, no one will step in to prop it up. It has the potential to be the ultimate Emperor’s New Clothes: if users lose trust that it is worth exchanging for real currency, or that this process can be achieved reliably, then the currency will be worthless.

Of course, Bitcoin is not the only crypto-currency. There are many competitors in the “market” but Bitcoin is the one that has caught the public imagination. It has seen its value rise and the number of shops and services willing to accept it for transactions has grown steadily.

But being the brightest star makes you potentially the most vulnerable. Once you have real value in world economies, criminals will look for ways to exploit your currency.

Many had worried that Bitcoin was a problem because it allowed online criminal outlets to sell items such as drugs using the anonymous nature of transactions. But it turned out that this anonymity was not quite as watertight as many thought. There are some crypto-currencies that are truly anonymous but Bitcoin itself warns users that it is not and that it is up to individuals to take the necessary steps to protect the anonymity of their transactions. Those steps are either not known about or are beyond the capabilities of many.

With these potential issues it does make one wonder why Bitcoin has built such a head of steam. I suspect it’s precisely because there is no central authority and as such users feel somehow they are bypassing all governments and central banks, reverting instead to a more traditional system based upon a currency that is “owned” by the users themselves.

In a rather perverse way it may be that users of Bitcoin are finding out the hard way that having a government standing behind a currency, and applying major resources to protecting its security and reliability, is actually something to be welcomed rather than shunned. Criminals will prey on the weakest and if your technology is your only protection you had better be 100% sure that it is secure and that those implementing it on your behalf have taken all of the necessary steps to protect your “money”.