Feb 27 (Reuters) - The collapse of Mt. Gox might appear sudden, but bitcoin insiders say its downfall began nearly a year ago as the virtual currency exchange tangled with regulators, split from former business partners and grappled with cyber attacks.
Mt. Gox’s fall lays bare the difficulties the bitcoin community faces as it tries to square its freewheeling, libertarian ideals with the rigorous regulation required in financial services and customers’ needs for reliable service.
To be sure, Mt. Gox may return. Its Tokyo-based chief executive, Mark Karpeles, has said he is working hard to solve the problems that forced the exchange to halt trading this week after suspending withdrawals on Feb. 7.
But its road back, if there is one, will be difficult.
U.S. federal prosecutors have subpoenaed Mt. Gox - and other bitcoin businesses - to seek information on a spate of disruptive cyber attacks. And Mt. Gox, once the largest bitcoin exchange, has now been surpassed by others, such as Slovenia-based Bitstamp.
“The first wave of entrepreneurs were evangelists for the technology, but low on quality,” said Nick Shalek, an investor at Ribbit Capital, which has backed bitcoin companies including digital-wallet Coinbase. Now, he said, a more serious group of entrepreneurs is trying to build more serious infrastructure around bitcoin.
Bitcoin is a digital currency that, unlike conventional money, is bought and sold on a peer-to-peer network independent of central control. Its value has soared in the last year, and the total worth of bitcoins minted is now about $7 billion.
Mt. Gox’s decline, ironically, started just as bitcoin was hitting a new level of notoriety in the broader public. Proponents include prominent Silicon Valley venture capitalists who talked up a virtual currency system free of government intervention or control.
Founded in 2009 by American software hacker Jed McCaleb, Mt. Gox was originally a site for people to trade cards for a game called “Magic: The Gathering.” (Mt. Gox is short for “Magic: The Gathering Online Exchange”)
McCaleb turned the site into a bitcoin exchange and sold the fledgling business in 2011 to Karpeles. Under the Frenchman, Mt. Gox became the face of bitcoin - where investors regularly checked the price of the digital currency and where the largest volume of trades occurred.
As regulators started to take notice of the bitcoin market, Karpeles became a vocal champion. He described Mt. Gox as “the main exchange” and argued for bitcoin’s legitimacy while trying to distance it from criminals using the digital currency for money laundering or drug-related activities.
Karpeles said Mt. Gox had no interest in helping criminals launder funds, and pushed back against claims that bitcoin transactions were completely anonymous, noting that while the system was designed for privacy, it was easy to track bitcoins across the network.
If authorities found a way to shut down Mt. Gox, “the likely result will be more exchanges popping up all over, with methods much harder to track, and who will be much less likely to agree to help with any investigation,” Karpeles said in a 2011 email to a reporter for the Compliance Complete service of Thomson Reuters Accelus.
“We want (authorities) to understand that the problem is not bitcoin itself, but what some people do with those,” he said in the message, one of numerous emailed exchanges over the years.
In 2011, bitcoin was barely trading at $1, but volumes were picking up at Mt. Gox, which routinely saw more than 20,000 transactions daily, more than double those in late 2010.
Karpeles said Mt. Gox had servers in the United States but little in the way of money. It used Iowa-based online payment processor Dwolla Inc to make U.S. customer transactions easier.
Bitcoin’s popularity increased incrementally, similar to its price. On April 1, 2013, it topped $100 for the first time, and trading volumes were increasing.
Around this time, a regulatory push intensified. The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) declared bitcoin exchanges to be money transmitters, requiring them to register, enact formal anti-money laundering programs, and report suspicious activity.
Shortly after that, a bitcoin exchange known as bitfloor was shuttered after its U.S. bank account was closed because it had not properly registered with regulators.
Concerns that regulatory action would cause customer funds to be trapped resulted in a sharp plunge in bitcoin, falling from $230 on April 10 to a low of $68.49 on April 17 - a period of time that turned out to be the peak in terms of dollar-denominated trading on Mt. Gox, according to Bitcoincharts.
It was a sign of the increased regulatory scrutiny the virtual currency would receive.
Karpeles said in an April 13 email that bitfloor’s closure was a fate that would not befall Mt. Gox. “We apply very strict AML (anti-money laundering) procedures to avoid exactly this kind of issue. We have very good relationships with our banking partners and making sure everything is run as good as possible.”
On April 18, Karpeles clarified that Dwolla was the company’s only transaction provider. “We do not use any U.S. bank,” he said via email.
Mt. Gox did not immediately register with FinCEN - a misstep that would in part lead to its demise.
In May 2013, the U.S. Department of Homeland Security froze an account that Dwolla held at Veridian Credit Union in the name of Mutum Sigillum LLC, a Mt. Gox subsidiary incorporated in Delaware. A related court document said another account at Wells Fargo had been seized earlier that month. The Department of Homeland Security justified the seizures by accusing Mt. Gox of failing to register with Treasury as demanded by FinCEN. (It eventually registered in June.)
Karpeles has declined to comment on the seizures, but this complicated the ability of Mt. Gox to allow U.S. customers to liquidate existing investments. Dwolla eventually ended its relationship with Mt. Gox, in a blow to the exchange.
“Most professional users moved away from Mt. Gox months ago, leaving April 2013 or thereabouts. By June 2013, the final nail was in the coffin for U.S. users,” said one of bitcoin’s core developers, who requested anonymity.
This in turn caused bitcoin’s prices on Mt. Gox to surge.
“What happened then is because you couldn’t withdraw dollars, there became a major premium for bitcoin on Mt. Gox,” said Jacob Dienelt, a maker of bitcoin paper wallets in New York.
The rise in bitcoin’s value gave it more cachet with the general public, even though most people were still uninformed about exactly what bitcoin was.
Dollar trading volumes started to diminish on Mt. Gox then - from about 66,770 transactions daily in May to a little over 14,000 in September. Volumes surged for a few months, but dropped to about 9,000 daily by January, according to bitcoincharts.
Those in the industry said Mt. Gox ceased to be the exchange of choice about nine months ago as competitors such as Bitstamp gained prominence. By the start of this year, Mt. Gox was considered a diminished player due to concerns about its technology and safety.
“It was obvious there was something really bad going on there for nearly a year. They were processing withdrawals very slowly and generally being very opaque about what was going on,” said Mike Hearn, a bitcoin developer based in Switzerland.
Mt. Gox’s problems earlier this month stemmed from “distributed denial of service” attacks, where hackers sent thousands of phantom transactions to the exchange to slow its operations. Other exchanges experienced this problem as well, but were able to restore service more quickly.
The hackers exploited a process used by some bitcoin exchanges that introduced “malleability” into the code governing transactions, experts said. Simply put, this allowed hackers to slightly alter the details of codes to create thousands of copies of transactions. These copies slowed the exchanges to a crawl, forcing them to independently verify each transaction to determine what was real and what was fake.
“It was a well-known issue that every major exchange in the bitcoin community knew about and had solutions for. Mt. Gox did not,” said Jordan Kelley, chief executive of Robocoin, the world’s first bitcoin ATM maker.
A document circulating on the internet purporting to be a crisis plan for Mt. Gox, said more than 744,000 bitcoins were “missing due to malleability-related theft” and noted Mt. Gox had $174 million in liabilities against $32.75 million in assets. It was not possible to verify the document. If accurate, though, it would mean about 6 percent of the 12.4 million bitcoins minted would be considered missing.
As questions swirl about where the bitcoins and money Mt. Gox supposedly possessed ended up, some in the industry speculate that Mt. Gox’s problems stem fundamentally from financial mismanagement. If the company was selling more bitcoins than it could acquire, it may have gotten behind in its attempts to balance its own books.
“We are currently at a turning point for the business,” Karpeles said in an email on Tuesday, adding that an announcement would come soon. “I can’t tell much more for now as this also involves other parties.”