
Why Nobody Can Withdraw Bitcoins From One of the Currency’s Largest Exchanges


The morning of Friday, Feb. 7, the prominent Japanese bitcoin exchange Mt. Gox announced that, due to technical problems, it would be putting bitcoin withdrawals on hold. Customers would still be able to cash their bitcoins in for other currencies, or trade on the market. But getting bitcoins out of Mt. Gox would be impossible.

The price of a bitcoin tumbled over the weekend at the news, from roughly $850 to closer to $675.

This morning Mt. Gox published an update on its site, stating the hold on bitcoin withdrawals was prompted by a bug in the software on which bitcoin operates:

A bug in the bitcoin software makes it possible for someone to use the Bitcoin network to alter transaction details to make it seem like a sending of bitcoins to a bitcoin wallet did not occur when in fact it did occur…This defect, known as “transaction malleability” makes it possible for a third party to alter the hash of any freshly issued transaction without invalidating the signature, hence resulting in a similar transaction under a different hash.

So what does that mean?

Transaction malleability

To understand transaction malleability, we need to quickly cover some bitcoin basics. (You can read a more in-depth bitcoin explainer here).

First, bitcoin transactions: When one person, call her Alice, transfers bitcoins to someone else, Bob, it does not involve withdrawing money from a bitcoin account. Instead, what Alice is doing is taking a transfer of bitcoins that she received from somebody else at some point in the past and signing that transfer over to Bob.

When she does, a transaction record is created, containing the following: a reference to the previous transaction (the one in which Alice received the money she is now conveying to Bob), a private digital signature that Alice uses to prove that the bitcoins in the previous transaction were in fact given to her, the amount she is transferring to Bob, and a digital address (sort of like an email address) where Bob will receive the money.


That transaction record is sent out to the network of bitcoin miners, who then check it. If the transaction is legit, it is added to the growing public ledger of every bitcoin transaction ever, known as the block chain. Alice has successfully transferred those bitcoins to Bob.

So far, so good.

Now, for Bob to use these bitcoins — the ones he just received from Alice — he has to have a way of referencing that transaction, of pointing to it in the block chain. The bitcoin protocol makes this easy by creating a unique ID for every single bitcoin transaction. That unique ID is generated by running the contents of the transaction record through what’s called a hash function.


The hash function takes the transaction record, does some sophisticated math, and spits out a string of 64 characters, something like this:


That output string varies wildly with small changes to the input transaction record, which is one of the reasons why it can serve so effectively as a unique identifier. If you look at a transaction on any website that allows you to explore the block chain, you will always find the hash of the transaction sitting there as a handy reference:

Now, we can answer the question of what transaction malleability is.

When a transaction record is sent out to the network of bitcoin miners, it’s possible for a hacker to tweak it enough to change the hash, but not enough to make the transfer invalid. One of the ways the hacker can do this is by slightly modifying the digital signature in a way that it is still recognized as the right signature, but, again, results in a completely different hash:


So why is this a problem? We are, after all, talking about legitimate transactions that are still coming from the right place and going to the right place. The only thing that is changing midstream is the unique ID used to reference that transaction. Doesn’t seem like that big of a deal.

But it complicates things for Mt. Gox, at least in theory. When somebody who trades on the exchange wants to take bitcoins out of the system, Mt. Gox has to transfer those bitcoins to her from its own bitcoin wallet. When it does, it makes a note of the transaction by recording the hash. That way, if something goes awry, it has a handy list of references it can use to track down its transactions.

The potential hitch is that, if the hash is changed before it gets entered into the block chain, then the hash that Mt. Gox recorded for a transaction and its actual unique ID in the public ledger won’t match up.


This makes Mt. Gox vulnerable, at least in theory. A Mt. Gox customer could potentially withdraw bitcoins, have the hash changed, and then claim that she never actually received the bitcoins withdrawn. When Mt. Gox checks its records, it won’t find the hash that it recorded for the transaction anywhere in the block chain. The result could be that Mt. Gox ends up paying the customer more than once.
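The mismatch described above, and one way an exchange's bookkeeping can detect it, as an added example that is not from the original article, Mt. Gox, or the bitcoin software. It assumes a toy record format (not the real Bitcoin wire format), stand-in signature bytes, and a hypothetical `core_id` key that hashes everything except the signature.

```python
import hashlib

def dsha256(data: bytes) -> str:
    """Double SHA-256, hex encoded: a 64-character string."""
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()

def serialize(tx: dict, with_sig: bool = True) -> bytes:
    # Toy serialization (assumption), NOT the real Bitcoin wire format.
    fields = [tx["prev"], tx["to"], str(tx["amount"])]
    if with_sig:
        fields.append(tx["sig"].hex())
    return "|".join(fields).encode()

def txid(tx: dict) -> str:
    """ID as the article describes it: hash of the whole record, signature included."""
    return dsha256(serialize(tx))

def core_id(tx: dict) -> str:
    """Hypothetical internal key: hash of the record with the signature left out."""
    return dsha256(serialize(tx, with_sig=False))

def reconcile(sent: list, chain: list) -> dict:
    """Map each recorded withdrawal hash to (status, hash it confirmed under)."""
    by_txid = {txid(t): t for t in chain}
    by_core = {core_id(t): t for t in chain}
    report = {}
    for w in sent:
        recorded = txid(w)
        if recorded in by_txid:
            report[recorded] = ("confirmed", recorded)
        elif core_id(w) in by_core:
            # Same input, recipient and amount are on the ledger under another hash:
            # the withdrawal was paid and must not be reissued.
            report[recorded] = ("malleated", txid(by_core[core_id(w)]))
        else:
            report[recorded] = ("unconfirmed", None)
    return report

# Constructed sample data; signature bytes are stand-ins, not real signatures.
sent_a = {"prev": "aa11:0", "to": "customer-addr-1", "amount": 5, "sig": bytes.fromhex("3044aa")}
sent_b = {"prev": "bb22:1", "to": "customer-addr-2", "amount": 2, "sig": bytes.fromhex("3044bb")}
# What the ledger holds: sent_a with its signature re-encoded in transit.
mined_a = dict(sent_a, sig=bytes.fromhex("3045aa"))
REPORT = reconcile([sent_a, sent_b], [mined_a])

if __name__ == "__main__":
    for recorded, (status, seen) in REPORT.items():
        print(recorded[:16], status, (seen or "")[:16])
```

A lookup by recorded hash alone would report the first withdrawal as missing; the signature-independent key shows it was paid under a different hash, while the second withdrawal really is unconfirmed.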

Transaction malleability is nothing new

Mt. Gox did not discover the issue of transaction malleability. It was first identified at least three years ago, and has been discussed by bitcoin software developers in online forums. According to the bitcoin wiki, developers are working on changing the bitcoin software, so that only one version of a digital signature is valid, thus making transactions much less malleable.

Mt. Gox mentions in its press release that it is “working with the bitcoin core development team and others to mitigate this issue.”

One of the core developers, Greg Maxwell, has stated that it’s possible for Mt. Gox to resolve the problem with transaction malleability by changing its own internal systems of accounting—that a fundamental change to the bitcoin software isn’t absolutely necessary.

“This isn’t news to me—for years—and it’s never been a particularly large concern. This wouldn’t make the top ten list of dangers in the bitcoin technology,” said Maxwell.

Reprinted with permission from Quartz. The original story can be found here.
