Another Bitcoin exchange has its bitcoins stolen, worth US$50,000

Yesterday I saw a report on bitcointalk that an exchange called Poloniex had announced a theft of bitcoins amounting to 12.3% of the BTC held by the exchange. According to the article, the way the coins were stolen is no different from the thefts at other exchanges: a hacker found a vulnerability in the withdrawal code. The exploit relied on a timing gap between the withdrawal steps. The usual withdrawal procedure is:

1. Input validation

2. Balance check, to see whether there are sufficient funds

3. If you click "withdraw", the account balance is reduced accordingly

4. The withdrawal record is inserted into the database

5. Confirmation e-mail

6. If you confirm the withdrawal in the e-mail, the withdrawal process handles the request

The hacker found that if several withdrawals are requested at the same instant, these steps are processed more or less simultaneously, and that produces a negative balance. But the withdrawal records are still validly inserted into the database, so the system treats them as legitimate and the withdrawals still go through, even though the account balance is already negative.

That is roughly what happened. The actual loss is not large, since this is only a small exchange, but it should equally sound the alarm for every Bitcoin exchange: security is the most important link in Bitcoin's survival, and without security the foundation of Bitcoin ceases to exist.

This blogger cannot judge whether the article is genuine, but if it is, then any Bitcoin exchange could run off with the money, and all of them could use this excuse: once they find themselves insolvent, or have earned about as much as they want, or simply want to disappear, they can announce that their bitcoins were stolen. And because governments do not recognize Bitcoin, the law is a complete blank here; to put it bluntly, nobody even knows what crime to charge. Bitcoin's reputation will be on shaky ground.

The original text follows (simple English; if you don't understand it, ask someone or try an online translation):

Today, about 12.3% of the BTC on Poloniex was stolen.

How Did It Happen?

The hacker found a vulnerability in the code that takes withdrawals. Here’s what happens when you place a withdrawal:

1. Input validation.
2. Your balance is checked to see if you have enough funds.
3. If you do, your balance is deducted.
4. The withdrawal is inserted into the database.
5. The confirmation email is sent.
6. After you confirm the withdrawal, the withdrawal daemon picks it up and processes the withdrawal.

The hacker discovered that if you place several withdrawals all in practically the same instant, they will get processed at more or less the same time. This will result in a negative balance, but valid insertions into the database, which then get picked up by the withdrawal daemon.

What Did Poloniex Do Wrong?

The major problem here is that the auditing and security features were not explicitly looking for negative balances. They add deposits and withdrawals and check that accounts are in balance. If you have 2 BTC, withdraw 10 BTC, and are left with -8 BTC, the software would see that you deposited 2, withdrew 10, and have exactly what you should: -8.

Another design flaw is that withdrawals should be queued at every step of the way. This could not have happened if withdrawals requests were processed sequentially instead of simultaneously.

What Did Poloniex Do Right?

The existing security features noticed unusual withdrawal activity and froze BTC. That is how the activity was discovered.

What Happens Now?

I take full responsibility for this and am committed to repaying the debt of BTC. The exchange funds are 12.3% short. Because there is not enough BTC to cover everyone’s balances, all balances will temporarily be deducted by 12.3%. Please understand that this is an absolute necessity–if I did not make this adjustment, people would most likely withdraw all their BTC as soon as possible in order to make sure they weren’t left in that remaining 12.3%. Aside from the obvious drawback of most of the BTC being taken out of the exchange, this would not be fair–some people would get all of their money right away, and a few would get none right away.

The amount deducted from everyone’s balances will be recorded, and funds raised from exchange fees, as well as donations from my own pocket (which is not very deep, I’m afraid), will be distributed regularly to all users who have had BTC deducted. Exchange fees will be raised to expedite the recovery of the debt. 1.5% has been suggested by many people, but I will take input on this.

If I had the money to cover the entire debt right now, I would cover it in a heartbeat. I simply don’t, and I can’t just pull it out of thin air.

Right now, all markets and withdrawals are still frozen, and they will remain that way until the negative balance watcher is written and in place and balance deductions are calculated. Please do not bother placing withdrawals right now, as they will not be processed and will probably all be cancelled before functionality resumes. ETA on availability of withdrawals is approximately 12 hours. I am afraid it is 3 AM where I am right now, and I think it is wise for me to get some rest before proceeding.

What Will Be Done to Prevent Further Exploits?

One thing has already been done: the withdrawal daemon now checks for negative balances before processing withdrawals and will freeze any account with a negative balance. This effectively prevents the exploit from being used again, but it is only a hotfix.

The next thing that will be done–before markets are unfrozen–is a daemon will be created that continually monitors for negative balances and freezes any account with a negative balance. After that, markets can be unfrozen and withdrawals resumed. Immediately following that, a daemon that will run automated audits on every account will be created, which will alert me of any strange activity and freeze any account with an overage of a balance.

After that, withdrawals and order creation will be switched to a queued method, where the first step will be to add the task to a global execution queue that will be processed sequentially.

-----

In conclusion…

I sincerely apologize for this, and I am very grateful to the many people who have already expressed their support and belief in my character. I take full responsibility; I will be donating some of my own money, and I will not be taking profit before the debt is paid.

I welcome your opinions on how to proceed, but please be constructive. I do not have the money to wave away the debt, so we’ll need to work together.

Permalink: http://www.wakuangji.cn/jingji/poloniex-btc-stolen/ | 蓝蓝的天空|挖矿机
Author: BTC-Miner | Published: 5 March 2014 | Category: Bitcoin news | Tags: