This is What Most Likely Happened to MtGox
There has been a ton of speculation as to what happened in the catastrophic failure of MtGox. The only thing we know for sure is that it somehow “lost” upwards of 750,000 customer BTC, valued around $450 million. A number of theories have been circulating on the internet. Here I’m going to talk about the one that seems the most plausible to me. H/t to /u/PuffyHerb on Reddit for most of this.
The theory is essentially that the U.S. Government seized MtGox’s cold storage wallet and Karpeles can’t disclose that information due to a gag order.
Before getting into that let’s recap the “official” story of what is believed to have happened.
- MtGox was ignorant of the transaction malleability issue despite it being known for years and there being a wiki page dedicated to it.
- They tracked transactions improperly given the malleability issue (this may or may not have happened).
- They automatically reissued transactions when the transaction ID showed an unconfirmed transaction rather than requiring human intervention by a customer support agent.
- They had the cold storage wallet actually connected to the internet, essentially making it a hot wallet, and automatically refilled the hot wallet when empty without throwing up any red flags.
- All this went unnoticed for years and MtGox only realized when their wallet was completely empty.
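The tracking failure in the list above, as an added sketch (not MtGox's code and not part of the original post): a toy model in which the transaction ID covers the signature bytes, comparing a txid-only "reissue" check with reconciliation by spent inputs. The `Tx` class, the function names and the sample data are all hypothetical, and the hashing is a simplification of real Bitcoin serialization.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    inputs: tuple    # outpoints being spent, e.g. ("utxo_a:0",)
    outputs: tuple   # (address, amount) pairs
    sig: bytes       # signature bytes; their encoding was not unique

    def txid(self) -> str:
        # Toy stand-in for the legacy txid: the hash covers the signature,
        # so re-encoding the signature yields a different ID for the same payment.
        body = repr((self.inputs, self.outputs)).encode() + self.sig
        return hashlib.sha256(hashlib.sha256(body).digest()).hexdigest()

def naive_should_reissue(sent: Tx, chain: list) -> bool:
    """Flawed check from the list above: 'my txid is not confirmed, so pay again'."""
    return sent.txid() not in {t.txid() for t in chain}

def reconcile(sent: Tx, chain: list) -> str:
    """Safer check: decide by which coins were spent, not by txid."""
    for t in chain:
        if t.txid() == sent.txid():
            return "confirmed"
        if set(t.inputs) & set(sent.inputs):
            # Our inputs are already spent on chain, so the original can never confirm.
            if t.outputs == sent.outputs:
                return "confirmed-under-new-txid"   # customer was paid; do not resend
            return "conflict-escalate-to-human"
    return "pending-keep-waiting"

# Constructed sample data (not real transactions).
withdrawal = Tx(("utxo_a:0",), (("customer_addr", 10),), b"sig-encoding-1")
mutated = Tx(withdrawal.inputs, withdrawal.outputs, b"sig-encoding-2")
chain = [mutated]  # the re-encoded copy is what got mined

if __name__ == "__main__":
    print("naive tracker would pay again:", naive_should_reissue(withdrawal, chain))
    print("input-based reconciliation:", reconcile(withdrawal, chain))
```

The txid-only check reports the withdrawal as unpaid even though the customer's address received the coins, which is the condition under which an automatic resend pays twice.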
The amount of incompetence necessary to lose that many Bitcoin this way is truly unfathomable. I know we all have a low opinion of Mark Karpeles, but I’m not sure he could be that incompetent.
So what’s the evidence that MtGox had their cold storage wallet confiscated?
Let’s start with the fact that Karpeles was pretty explicit in the past (see bitcointalk) that MtGox does indeed use cold storage:
On average 98% of customer bitcoins are held in cold storage, with possible variations on large bitcoin moves (large deposits or customers asking for large withdrawals). […]
Offline wallets are generated from an offline system and kept in paper format in three separate locations, using a technology based on raid. It will likely be changed to use Shamir’s Secret-Sharing method in the future, and all existing offline wallets will be converted to this.
So if that is true, there is no way MtGox could have lost bitcoins as described above. Either this quote is a bold-faced lie, or something else is going on. Karpeles strikes me as less than competent, but not this big of a liar.
Continuing, last year MtGox had its U.S. bank account confiscated by the U.S. Government for allegedly operating without a license in the United States.
In January we learned from the testimony of Federal officials that the claim that MtGox was operating without a license (which it may have been) was largely used by the Federal Government as a cover for an investigation into the Silk Road. Here’s how it was reported by The Genesis Block:
Recent testimonies by federal agencies indicate that the account seizures were in fact related to the multi-year pursuit of Silk Road operators, rather than a crackdown on money transmission infractions for their own sake. In particular, the written statements not aired on television provide additional insight into the motives behind the seizures.[…]
Looking backwards, it’s clear why the Silk Road connection couldn’t be noted in any court filings that would become public. If federal agents made known at the time that they were actively pursuing Silk Road it could interfere with their ongoing investigation. This also means that, at least in this case, it appears money transmission laws were enforced on Mt. Gox not simply for their own sake, but to gain insight and hinder the capital flow to Silk Road without exposing the larger goal of shutting down the international narcotics marketplace.[snip]