'%3e%3crect%20x='109.185'%20y='253.397'%20width='350.859'%20height='857.656'%20fill='white'/%3e%3cpath%20d='M274.77%20708.572H233.194V888.205H286.632C302.651%20888.205%20314.635%20883.711%20322.461%20875.088C330.287%20866.465%20334.322%20851.404%20334.322%20830.149V779.138C334.322%20752.539%20329.797%20734.2%20320.382%20723.997C310.966%20713.795%20295.681%20708.451%20274.77%20708.451V708.572Z'%20fill='%23FF5C00'/%3e%3cpath%20d='M310.966%20610.558C320.015%20601.206%20324.539%20585.295%20324.539%20563.19V530.518C324.539%20490.559%20308.887%20470.519%20277.705%20470.033H232.949V624.768H269.512C287.977%20624.768%20302.039%20619.91%20311.088%20610.436L310.966%20610.558Z'%20fill='%23FF5C00'/%3e%3cpath%20d='M277.582%200C124.362%200%200%20123.399%200%20275.704V1069.3C0%201221.48%20124.239%201345%20277.582%201345C430.803%201345%20555.165%201221.6%20555.165%201069.3V275.704C555.165%20123.52%20430.926%200%20277.582%200ZM426.523%20833.064C426.523%20878.367%20414.539%20912.739%20390.817%20936.423C375.898%20951.241%20356.7%20961.322%20333.221%20966.909V987.677C333.221%201002.5%20320.993%201014.64%20306.075%201014.64C291.156%201014.64%20278.805%201002.5%20278.805%20987.677V971.888H232.949V987.677C232.949%201002.5%20220.721%201014.64%20205.803%201014.64C190.884%201014.64%20178.655%201002.5%20178.655%20987.677V971.888H170.218C150.53%20971.888%20140.625%20962.05%20140.625%20942.496V415.743C140.625%20396.188%20150.53%20386.35%20170.218%20386.35H178.655V357.201C178.655%20342.383%20190.884%20330.238%20205.803%20330.238C220.721%20330.238%20232.949%20342.383%20232.949%20357.201V386.35H278.805V357.201C278.805%20342.383%20291.034%20330.238%20306.075%20330.238C321.115%20330.238%20333.221%20342.383%20333.221%20357.201V388.78C333.221%20389.994%20332.977%20391.087%20332.855%20392.18C354.499%20397.524%20371.863%20406.512%20384.703%20419.386C406.469%20441.491%20417.597%20475.377%20417.597%20521.045V544.364C417.597%20604.363%20397.42%20642.743%20357.556%20659.14V660.719C403.656%20676.265%20426.646%20717.074%20426.646%20782.782V833.064H426.523Z'%20fill='%23FF5C00'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_1_174'%3e%3crect%20width='555'%20height='1345'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
- Mark Karpelès, the geek
- The purchase of Mt. Gox
- The first incidents
- Managing the first speculative bubble
- Mt. Gox's competitors
- June hacks
- The consequences of piracy
- The closure of MyBitcoin
- Bitomat's bankruptcy
- Fragile growth
The period that began in the spring of 2011 was characterized by the development of exchange activity between bitcoin and traditional currencies, such as the dollar and the euro. This type of service played an essential role in Bitcoin's economy, which was too small to operate in a closed loop. Miners needed to sell their rewards to pay their electricity bills. Traders, including the Silk Road vendors, needed to collect dollars to pay back their suppliers. Their customers, who generally didn't have bitcoin, needed to obtain it beforehand. There was also strong speculative demand, from people who saw cryptocurrency as an investment.
The first major exchange platform was Mt. Gox, launched "on a lark" in July 2010 by entrepreneur Jed McCaleb. Thanks to its automated operation, it quickly established itself as the main way to exchange dollars into bitcoins, and vice versa. In early 2011, faced with the scale of the task, Jed McCaleb decided to hand over the platform to a more technically qualified and motivated individual: French developer Mark Karpelès.
Along with Silk Road, the platform was central in this part of Bitcoin's history. It was the main site of the first real speculative bubble in the price of bitcoin, which peaked at $32 in June. It also suffered a massive hack, and was linked to several incidents that occurred then in the ecosystem. In this chapter, we'll talk about the circumstances surrounding the takeover of Mt. Gox, its meteoric success from the spring onwards, the competitors that emerged at the same time, the problems it encountered and the consequences this had on Bitcoin's economy. But let's start by introducing its new owner, Mark Karpelès.
Mark Karpelès, the geek
Mark Karpelès was born in France in 1985. An only child, he was raised by his single mother. He quickly developed an interest in computers, video games and manga. By his twenties, he was a geek (https://web.archive.org/web/20140302234940/http://blog.magicaltux.net/2006/02/12/pensees-nocturnes/): in 2007, he even appeared in the French documentary Suck my Geek, dedicated to those passionate about fantasy, technology and computers. In 2009, keen to leave France where he had never really felt at home, he moved to Japan in June 2009 out of an attraction for the local culture. There, he founded Tibanne Co. Ltd (named after his cat, Tibane), through which he worked on a freelance basis. In particular, he ran a hosting service called KalyHost.
Mark Karpelès in Suck My Geek in 2007 (source: MrReportageTV on Youtube)
He learned about Bitcoin in the autumn of 2010 from a French customer based in Peru (William Waisse alias Neofutur), who asked him if he could pay an invoice in bitcoins. Mark was open to the possibility, and quickly developed a passion for the system. Unlike Martti Malmi, Ross Ulbricht or Roger Ver, the young Frenchman was not an ideologically motivated libertarian; nor was he a profit-hungry speculator. Rather, his interest in Bitcoin was rooted in technical curiosity. As he would say in 2014:
"What interested me in bitcoin was the technological aspects. In other words, the fact of maintaining a global database in a secured way. The fact that each client has a secured private wallet. To have an entirely decentralized system. Also, bitcoin allows you to have a database that is public."
As soon as he discovered it, he immersed himself in the workings of Bitcoin and began writing programs to take advantage of it. In November, he started accepting bitcoin payments with KalyHost (Ross Ulbricht would use this service to host the Silkroadmarket.org web page). In December 2010, he created a new wiki, Bitcoin.it, which would soon become Bitcoin's main wiki. He also set out to develop a software implementation, dubbed QBitcoin, but didn't follow through.
The purchase of Mt. Gox
At the beginning of 2011, Jed McCaleb was managing Mt. Gox as best he could. The platform was not secure at all, as some community members, such as Casascius, pointed out. Furthermore, Jed was unsure about the regulatory compliance of his business. The PC World article had already affected the price, and he rightly feared that the upward trend would continue. He therefore began looking for a buyer.
His choice fell on Mark Karpelès, who was active in the developer community, notably on the IRC channel #bitcoin-dev. The Frenchman helped Martti Malmi host Bitcoin.org and helped Jed accept the euro, thus demonstrating his technical skills. On January 18, Jed offered Mark the chance to take over Mt. Gox. In his e-mail, he wrote:
"Hi Mark,
Please keep all this confidential I don't want to start a panic and I'm not sure I'll do it yet but I'm thinking I might try to sell mtgox. I just have these other projects I would like to devote more time to. Would you be interested? It could be very little up front and just a payout based on revenue or something. There is also an investment group that wants to fund mtgox. Probably around $158k. So you could most likely take it over with some cash."
After discussions on the terms of the agreement, the contract was finally signed on February 3. Jed McCaleb retained 12% of the company and 50% of revenues for six months, after which the rest was transferred to Mark Karpelès' company, Tibanne Co. Ltd. A clause in the contract released Jed from any legal liability.
On March 6, Jed McCaleb made the transfer official on the Bitcoin forum. In his last message with the Mt. Gox account, he explained:
"I created mtgox on a lark after reading about bitcoins last summer. It has been interesting and fun to do. I'm still very confident that bitcoins have a bright future. But to really make mtgox what it has the potential to be would require more time than I have right now. So I've decided to pass the torch to someone better able to take the site to the next level."
In the months that followed, Jed continued to help Mark manage the platform. However, he would soon be absorbed by a new project for digital currency, which would materialize in the redesign of Ripple in 2012, followed by the creation of Stellar in 2014.
The first incidents
As we said at the beginning of 2011, the Mt. Gox platform was not secure. And it was logically subject to a number of attacks of varying degrees of severity, including an XML injection that enabled a malicious user to make an unauthorized withdrawal of $50,000 from his Liberty Reserve account. When Mt. Gox changed hands, the platform was already a poisoned gift for Mark Karpelès. But the trouble didn't stop there.
On March 1, 2011, just as the transfer was about to be made official, 80,000 bitcoins evaporated into thin air thanks to malicious access to the site's wallet.dat file. On the 3rd, Jed McCaleb noticed the withdrawal and informed Mark on IRC that "something bad happened". It was a major loss (one bitcoin sold for $0.92 at the time), which would grow larger and larger over the following months with the unprecedented rise in price.
This problem was mentioned by Jed on April 18 in an email to Mark, where he wrote:
"I can't tell how big an issue it will be to be short 80k BTC if the price goes to $100 or something. That is quite a bit to owe at that point but mtgox should have made a ton of BTC (Bitcoin) getting to there. There is also still the fact that the BTC (Bitcoin) balance will probably never fall below 80k. So maybe you don't really need to worry about it."
Managing the first speculative bubble
In the late spring of 2011, the first speculative bubble in the price of bitcoin took place. As described in the final chapter of our first course on the history of Bitcoin, this bubble was characterized by the proliferation of groups forming around Bitcoin, by media attention coming from both independent bloggers and online news outlets, and by high activity on exchange platforms. A year later, it would be called "the Great Bubble of 2011" by Vitalik Buterin, the young editor-in-chief of Bitcoin Magazine.
In April, following the publication of the Forbes article, the price surpassed its former peak and reached $3. Speculative enthusiasm continued in May, pushing the price to $10. Finally, the publication of the Gawker article helped bring widespread attention to Bitcoin and triggered the final speculative episode, with the price briefly reaching $32 on June 8.
The price of bitcoin on Mt. Gox in 2011 (source: Bitcoin Charts via Bitcoin.com)
This phenomenal increase was particularly beneficial to Mt. Gox, which had seen an explosion in traffic. Between Mark's effective takeover in March and the end of May, the number of user accounts rose from 3,000 to 60,000. Over the same period, daily trading volume rose from a few thousand dollars to several hundred thousand dollars. In June, it even exceeded two million dollars for a few days!
Managing this growth, however, was a nightmare: Mark received countless emails and support tickets. He had to manage multiple payment methods, the latest two being SEPA credit transfers (Mark had opened an account with a French bank) and the Dwolla service. Some deposits got lost along the way.
As time went by, things improved. In June, Mark Karpelès hired an employee to help him, a certain Adam Turner, whose civilian name is Ashley Barr. He also decided to set up the company in an office in Tokyo's prestigious Cerulean Tower, a true mark of success.
The Mt. Gox office in June 2011 (source: Mark Karpelès on Twitter)
Mt. Gox's competitors
The success of Mt. Gox inspired imitators, both in the United States and elsewhere. As prices and demand rose, launching an exchange platform became profitable. As a result, many competitors—built on the same model and featuring automated order management—emerged over the course of the year, particularly from the spring onward.
Apart from Bitcoin Market (mentioned in HIS201), the first platform to really compete with Mt. Gox was Bitcoin-Central, a platform based in France. It was launched on December 29, 2010 by David François, an experienced web developer who discovered Bitcoin in October and used the pseudonym Davout on the forum. In keeping with the community ethos, the marketplace's source code was open and published under an open source license (AGPL). The platform initially accepted only Liberty Reserve dollars and euros, as well as conventional euro transfers. The system's operation was initially somewhat experimental, but improved over the months. David François added a API, SEPA transfers, and other currencies, such as gold via Pecunix, the Canadian dollar and the Indian rupee.
A second platform was Britcoin, which was launched on March 26 by Amir Taaki (aka Genjix), the young British developer of Iranian origin who wanted to send a letter to WikiLeaks in November 2010 recommending Bitcoin. As its name suggests, the platform was based in the UK and integrated the exchange between sterling and bitcoin. Like David François, Amir published the underlying software under an open source license (AGPL), which he named "Intersango" (from the Esperanto interŝanĝo meaning exchange). Amir was soon joined by Donald Norman and Patrick Strateman (also known by the pseudonym Phantomcircuit) to manage the platform.
Patrick Strateman in 2016 (source: SF Bitcoin Developers)
In April, the three men founded Bitcoin Consultancy, an organization offering software development and technical consultancy. They were assisted by others such as Nils Schneider (Tcatm) and Denis Rojo (Jaromil). This entity also had significant influence, as it organized the first European conferences, in Prague and London. However, beneath its serious exterior lay a spirit influenced by hacker philosophy, as Amir Taaki's personality suggests.
Bitcoin Consultancy website, May 13, 2011 (source: archive)
On June 6, Bitcoin Consultancy launched a new foreign exchange platform, aimed at the European market, called Intersango (like the software behind it). Britcoin and Intersango eventually merged a few months later to form a single site.
In Eastern Europe, the Bitomat platform, based in Poland, was launched on April 4. The interface was rudimentary, but allowed Polish users to exchange their zlotys for bitcoins. Also worth mentioning is Cavirtex, opened on July 2, which operated in Canada.
Another platform was VirWoX (Virtual World Exchange), based in Austria. Opened in 2007, it was a leading marketplace for the exchange of video game virtual currencies, including the Linden dollar from Second Life. On April 27, 2011, the site added bitcoin to its offerings, initially offering exchange only with the Linden dollar, which enabled users to obtain Nakamoto’s cryptocurrency.
Finally, the last marketplace to appear during this period was TradeHill, a platform founded by Jered Kenna, a former marine turned entrepreneur, and Adam Stradling, a financial technology consultant. It was launched on June 8, 2011 and announced on the forum by Bruce Wagner, host of the Bitcoin Show, who worked closely with the platform. TradeHill was based in the U.S. and facilitated exchange with the U.S. dollar, so that it quickly became the second-largest platform in terms of volume, far behind Mt. Gox, which remained the benchmark.
June hacks
The financial success of bitcoin inevitably attracted hackers. Bitcoin's lack of intermediaries and relative anonymity was a perfect feature for thieves, who can seize other people's bitcoins without risking having their loot frozen. On June 13, the first large-scale hack took place: an active member of the community using the pseudonym Allinvain was robbed of 25,000 bitcoins, which he personally owned, equivalent to almost $500,000! He shared his experience on the Bitcoin forum, and the story was relayed in the online press. It appeared that he had been the victim of a Trojan (malware) called Coinbit, which retrieved the
wallet.dat file from a machine running Windows. This put the question of wallet encryption back on the table, a feature that would be implemented a few months later in the software.As we have suggested, Mt. Gox was an ideal target. It was regularly the target of denial-of-service attacks (e.g. on May 1). Moreover, it had already narrowly avoided disaster in May, when a hacker seized 300,000 BTC before returning 297,000 of them.
As a result, a massive hack began on June 16. A hacker (possibly from the LulzSec group) managed to get his hands on the database containing users' pseudonyms and the cryptographic fingerprints of their passwords (hashed by MD5, mostly unsalted. This enabled it to access accounts secured by weak passwords (i.e. short or easy to guess), and to make withdrawals under the $1,000 daily limit. Complaints accumulated on the forum, prompting Mark Karpelès to react on June 18. Karpelès downplayed the thefts, pointing out that they were few in number and supporting the idea that "this seems to be a problem coming mainly from users".
However, on Sunday June 19, reality caught up with Mark. At around 5 p.m., the hacker gained access to Jed McCaleb's personal account, which contained a lot of money. Since the daily withdrawal limit was $1,000, he tried to drive the price as low as possible in order to withdraw as many bitcoins as possible, and started selling bitcoins from the account. This operation provoked a flash crash: the price, which had been hovering around $17.5 during the day, gradually dropped to $0.01 at 5.51pm. The pirate managed to steal 2,000 BTC, or $35,000 at the current price.
*Bitcoin Report Volume 8
Some Mt. Gox users panicked and sold off their holdings to preserve what remained. Others took the opportunity to buy bitcoins at low prices. Upon learning of this, Mark immediately took the platform offline and announced the cancellation of all exchanges that took place during the mass sale, invoking "force majeure".
However, some customers did manage to withdraw funds. This was the case of a certain Kevin Day, alias Toasty, who managed to buy 259,685 bitcoins at a unit price of $0.0101, for a total of $2,623, and withdraw 643 of them from the platform. Because of this exceptional purchase order, he was suspected by Mark Karpelès of acting in collusion with the pirate. To prove his good faith, he appeared on the Bitcoin Show the day after the hack, and ended up placing the bitcoins in an escrow account with ClearCoin, an escrow service run by Gavin Andresen. The funds would be released from the account a month later, with no word on whether Mt. Gox was successful or not.
But the flash crash wasn't the only dramatic event that took place that day. A few hours later, around 7.30 p.m., the hacker made public the user database. This would enable other, more experienced and malicious people to exploit it fully. They would be able to access accounts on other services such as GMail, TradeHill and MyBitcoin.
The consequences of piracy
The result was disastrous for Mark, for Mt. Gox and Bitcoin in general... The exchange platform was shut down for a time, removing access to the most liquid market in the ecosystem. Speculative enthusiasm subsided, and the price began to fall. By July 5, one bitcoin was trading for just $13.
Hacks tarnished Bitcoin's public image. Although an individual hack like Allinvain's was not representative of the rest of the network, and even though Mt. Gox was just a cryptocurrency-powered exchange service, ordinary people tend to equate Bitcoin as a whole with these events. On June 20, Tim Worstall wrote an article for Forbes in which he announced "the end of the Bitcoin experiment", making it one of the first "Bitcoin obituaries" published by the press (which would be listed on Jordan Tuwiner's website from 2014 onward). He asserted:
"Bitcoins aren't secure, as both the recent theft and this password problem show. They're not liquid, nor a store of value, as the price collapse shows and if they're none of those things then they'll not be a great medium of exchange either as who would want to accept them?"
On June 21, to improve the situation and reassure customers, Mark Karpelès and Adam Turner appeared on Bruce Wagner's Bitcoin Show. On the 23rd, Mark moved 424,242 bitcoins onto the blockchain to prove the company's solvency, and the platform finally reopened on the 27th. Having realized the need for better communication, Mark would also appear in an episode of the Bitcoin Show in French hosted by David François in July!
A final consequence of the Mt. Gox hack was the accelerated development of dual-factor authentication (two-factor authentication) as a means of accessing an account. This procedure typically supplements a simple password with the requirement to provide information from a third-party device, like a mobile phone. As of July 7, Mt. Gox proposed to its customers to order dedicated YubiKeys, which are specialized USB keys that issue one-time passwords. These began to be distributed during the following week.
YubiKey dedicated to Mt. Gox (source: Tech Solvency)
Competing platforms were also implementing a dual authentication solution. Bitcoin-Central opted for Google Authenticator on June 30. TradeHill switched to the Duo Security service from July 13.
The closure of MyBitcoin
In the summer of 2011, most new cryptocurrency users turned to MyBitcoin, the custodian application for managing bitcoins without having to worry about running complex software. It was available online in the form of a web interface, and you only need a password to access your account. The application was promoted by the tutorials of the time as a simple solution for receiving bitcoins. Bruce Wagner presented it on his BitcoinMe.com website as a "super fast and easy to get started with using Bitcoin". It was so easy to use that many people did not follow Satoshi's advice to just keep "spare change" on the app, and use it as a savings account.
In the days following June 19, MyBitcoin suffered the consequences of the Mt. Gox data leak. Malicious individuals gained access to numerous accounts protected by a weak password reused on Mt. Gox. For example, BrightAnarchist, the forum member who had pushed EFF to accept bitcoin in 2010, ended up losing all his funds. On June 25, Tom Williams, the anonymous president of MyBitcoin, explained that 1% of the users involved in the Mt. Gox data leak had been affected and that 4,019 bitcoins had been stolen, equivalent to $70,000.
However, the application's setbacks didn't stop there. On July 29, MyBitcoin suddenly shut down. Nearly 78,740 bitcoins were missing from the application's wallet, an amount equivalent to over a million dollars at the time and corresponding to 51% of the funds in customers' accounts, forcing the service to refund the rest and disappear. Although MyBitcoin claimed hacking (yet another one!), there was evidence to suggest that its manager, Tom Williams, was behind the theft.
Tom Williams announcement of August 4, 2011 (source: Bitcoin Wiki)
Some individual losses were high. In particular, Bruce Wagner was affected: he claimed to have lost, along with his spouse, over 25,000 bitcoins, or over $300,000 at the time of closure. He made a series of broadcasts dedicated to this event. In addition, Bruce's advice to use bitcoins tarnished his reputation, and the Bitcoin Show ended a few months later.
Despite this fall in confidence, custodial wallets continued to gain popularity. Such was the case with Instawallet, which had been around since April. In response, Bitcoin Consultancy launched its own service, Vibanko, in August.
Bitomat's bankruptcy
In parallel with this event, the Polish Bitomat platform encountered a major problem. On July 26, the administrator proceeded to increase the server's resources, with the (unusual) effect of restarting the virtual machine and deleting the data present, including the system's private wallet keys. The loss amounted to 17,000 bitcoins, or around $235,000 at the time. Although the trading volume was not huge, this was the third largest exchange platform behind TradeHill and Mt. Gox, which made the incident significant.
To avoid harming his customers, the administrator offered to sell the platform for 17,000 BTC. This appealed to Mark Karpelès, who wanted to gain a foothold in the Polish market. On August 11, Mt. Gox announced its acquisition of Bitomat, in order to "restore confidence in the bitcoin economy". But this added 17,000 BTC to Mt. Gox's liabilities.
These losses were compounded by Mt. Gox's mishandling in October 2011: some 2,609 bitcoins (worth over $8,000) were sent to an invalid address, rendering them unspendable. This programming error revealed Mark's general carelessness, foreshadowing the tragic fate of the exchange platform.
Fragile growth
In 2011, Mt. Gox was at the heart of Bitcoin's economy. Like the ecosystem as a whole, the platform flourished in the first half of the year. Under the leadership of Mark Karpelès, it took on a new dimension. He opened offices and hired an employee.
However, this dazzling growth concealed a great fragility. The Mt. Gox platform suffered several hacks during this period, which meant that it accumulated losses over the months: more than a hundred thousand bitcoins were unaccounted for by the end of the summer. This foreshadowed a sharp decline. However, Mt. Gox would first grow into a massive platform over the next two and a half years.
Quiz
Quiz1/5
his2032.2
How many bitcoins were transferred by Mark Karpelès to prove the solvency of the Mt. Gox platform on June 23, 2011?