Bitcoin (BTC) is an anonymous (or, more accurately, pseudonymous) digital currency created two years ago by Satoshi Nakamoto. The currency
currently carries a value higher than the US dollar, Euro, or British pound; each bitcoin is currently worth US$16 US$0.
It’s a partially decentralized currency that allows buying and selling without bank or government oversight, using strong cryptography and an open transaction register to confirm and secure each stage of a transaction.
The problem with digital currencies in general is, as Thomas Lowenthal, writing for Ars Technica, points out, is their non-rivalrous nature. When you spend a physical dollar, you can’t spend it again somewhere else tomorrow. When you spend a bitcoin, you use your private key to cryptographically acknowledge the exchange using the recipient’s public key.
Earlier this week, bitcoin’s profile rose drastically when a long-time user claimed that BTC25,000 was stolen from his computer. As Gavin Andresen, of the bitcoin project, tells Timothy B. Lee writing for Ars Technica, there’s no mechanism for tracking the stolen digital currency and transactions are designed to be irreversible. “Once a transaction hits the network, you can generate other transactions that depend on that transaction. So bitcoin transactions get tangled up fairly quickly.”
Kevin Poulsen, writing for Wired, reports on a new piece of malware that “seeks out and steals victims’ bitcoin wallets” on Windows computers.
Just as I was preparing to publish this, the bitcoin digital currency collapsed when a very large sell transaction, originating from a compromised account, dropped the bitcoin trade value from about US$17 to zero in a few minutes. One of the main bitcoin exchanges, Mt. Gox, is now offline and is attempting to roll back the transaction. As noted above, that’s going to be nearly impossible and is not sitting well with at least some users of the exchange. Mt. Gox claims that the compromised account was subject to the US$1000 per day withdrawal limit, so only something around BTC60 (worth about US$1000) were lost.
This in itself is alarming for anyone cheering — quietly or otherwise; myself included — for alternative, anonymous digital currencies: BTC60 was enough to bring down one of the exchanges and cause a run on the currency.
Sometime after Mt. Gox took itself offline, a large number of exchange account information was leaked, including username, email address, and hashed password. Accounts with relatively strong passwords are most likely safe; those with weak passwords are probably compromised.
Even if Mt. Gox can recover and successfully execute the rollback, stick a fork in it, it’s done. Bitcoin, the currency, may not suffer the same fate. At Tradehill, a newer bitcoin exchange and competitor to Mt. Gox, the bitcoin trade value is back up to US$13, as users realize that it was a single exchange that was compromised; the security model of the currency itself remains unscathed.