create account

Overview of BitFinex Hack - The problem with redundant controls by sotnd1996

View this thread on: hive.blogpeakd.comecency.com
bitcoin · @sotnd1996 ·
$0.02
Overview of BitFinex Hack - The problem with redundant controls
<html>
<p>&nbsp;https://www.steemimg.com/images/2016/08/16/Untitled165a45.jpg</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled02f1d63.jpg</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled2c1463.jpg</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled3ce4a0.jpg</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled4b220d.jpg</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled5926f3.jpg</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled6d67e4.png</p>
<p>https://www.steemimg.com/images/2016/08/16/Untitled7c4275.jpg</p>
<p>&nbsp;1. See <a href="https://www.bitfinex.com/terms">BitFinex Terms of Service</a> (accessed 09-Aug-2016)&nbsp;</p>
<p>&nbsp;2. See the <a href="https://www.bitgo.com/p2sh_safe_address">BitGo White Paper</a> (accessed 09-Aug-2016)&nbsp;</p>
<p>&nbsp;3. See the BitGo’s <a href="https://blog.bitgo.com/bitfinex-breach-update/">BitFinex Breach Update</a> (accessed 09-Aug-2016)&nbsp;</p>
</html>
👍  , , , , , , , , ,
properties (23)
authorsotnd1996
permlinkoverview-of-bitfinex-hack-the-problem-with-redundant-controls
categorybitcoin
json_metadata{"tags":["bitcoin","blockchain","hack","money","bfx"],"image":["https://www.steemimg.com/images/2016/08/16/Untitled165a45.jpg","https://www.steemimg.com/images/2016/08/16/Untitled02f1d63.jpg","https://www.steemimg.com/images/2016/08/16/Untitled2c1463.jpg","https://www.steemimg.com/images/2016/08/16/Untitled3ce4a0.jpg","https://www.steemimg.com/images/2016/08/16/Untitled4b220d.jpg","https://www.steemimg.com/images/2016/08/16/Untitled5926f3.jpg","https://www.steemimg.com/images/2016/08/16/Untitled6d67e4.png","https://www.steemimg.com/images/2016/08/16/Untitled7c4275.jpg"],"links":["https://www.bitfinex.com/terms","https://www.bitgo.com/p2sh_safe_address","https://blog.bitgo.com/bitfinex-breach-update/"]}
created2016-08-16 13:13:30
last_update2016-08-16 13:13:30
depth0
children1
last_payout2016-09-16 13:26:15
cashout_time1969-12-31 23:59:59
total_payout_value0.020 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length963
author_reputation147,650,885,487
root_title"Overview of BitFinex Hack - The problem with redundant controls"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id833,832
net_rshares202,693,597,058
author_curate_reward""
vote details (10)
@joelkatz · 
The main problem seems to be that BitGo and Bitfinex agreed on a scheme where BitGo would sign transactions without any responsibility to ensure that they aren't obvious theft transactions. There is no point in BitGo's signature being required if BitGo does whatever Bitfinex tells them to and has no responsibility whatsoever. Whatever Bitfinex did to tell BitGo to sign a transaction they could just as well have done to sign it themselves. The reason for a second party is to require two completely independent points of failure. If one completely controls the other, they are effectively one party.
properties (22)
authorjoelkatz
permlinkre-sotnd1996-overview-of-bitfinex-hack-the-problem-with-redundant-controls-20160817t112354544z
categorybitcoin
json_metadata{"tags":["bitcoin"]}
created2016-08-17 11:23:54
last_update2016-08-17 11:23:54
depth1
children0
last_payout2016-09-16 13:26:15
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length602
author_reputation8,350,422,184,586
root_title"Overview of BitFinex Hack - The problem with redundant controls"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id850,863
net_rshares0
Help/Feedback