The best article I have seen explaining the Bitfinex situation.

in bitcoin •  2 years ago

It was the hack heard 'round the world and the second largest in Bitcoin history. On August 2nd, 119,756 Bitcoin was stolen from Bitfinex.

How did this happen? Negligence. This event laid bare Bitfinex's many operational and technological deficiencies.

Didn’t Bitfinex Have Cold Multi-Signature Wallets?

Believe it or not: no! If you asked them last week, they would give you a carefully-worded statement: they "store users' bitcoin in individual, multi-sig protected segregated wallets."

Notice the missing word. These are hot wallets!

Some history:

In the spring of 2015, approximately 1,500 Bitcoin were stolen from Bitfinex’s hot wallet. As a result they implemented a multi-signature wallet solution: BitGo(ne With The Wind). Each user had their own segregated and supposedly secure wallet.

Bitfinex held two keys, one hot, one cold backup. BitGo held another as a way to enforce spending limits. 2 of 3 keys were needed to sign any transaction. Bitfinex management was very confident this would eliminate the possibility of a large scale theft of customer's Bitcoin.

However in the aftermath of the incident, it has become clear that rather than making the exchange more secure, the Bitfinex and BitGo partnership turned Bitfinex into one giant hot wallet.

BitGo blindly signed any transaction emitting from Bitfinex. That's right: rather than making a secure, audited wallet with spending limits and failsafes, Bitfinex paid BitGo a bunch of money to make its exchange the most insecure Bitcoin operation on the planet. The only innovation was using two hot keys instead of one.

As any educated Bitcoin user could tell you: if the keys are hot, they are at risk. Simply adding another hot key doesn't help.

Now suddenly concerned about proper security, Bitfinex has moved their remaining Bitcoin to their cold wallet.

This is just a small part of the article please read the rest at http://us3.campaign-archive2.com/?u=db45c09bdf20e1866bb32123f&id=f5ef013fef&e=b93b9173ca

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Whale bait

Bitfinex offering a reward of $ 3.6 million for the restoration of Bitcoins stolen

News emerged today from Bitfinex community director Zane Teketta. In response to the question of the existence of such a program, he pointed out that the grant will be awarded to anyone who has information that helped restore the exchange of funds.

Tekett said:

[Five percent] for information leading to recovery (but only in the case of a positive result); if it is a few people, the reward shall be distributed proportionally