The developer is Gregory Maxwell, aka nullc. Here's a very interesting thread in which he proposes that the bitcoin community should demand that every bitcoin exchange (and every other type of service which can hold bitcoin on your behalf, like webwallets) continually prove that they are not fractional reserve. In other words, proof that if every user of the service simultaneously tries to withdraw all of their bitcoin, then the service would be able to honor all withdraw requests: <a href="http://www.reddit.com/r/Bitcoin/comments/1yj5b5/unverified_pastebin_gmaxwell_irc_log_mtgox_was/cfkze3p?context=1" rel="nofollow">http://www.reddit.com/r/Bitcoin/comments/1yj5b5/unverified_p...</a><p><i>"I think that as a community we should start demanding these services continually prove that they are not fractional reserve. We cannot effectively eliminate the need for trust in these sorts of services, but we can certainly confine the exposure and eliminate a lot of this drama. With Bitcoin it's technically possible to prove an entity controls enough coin to cover its obligations— and even to do so in ways that don't leak other business information, and so we should. But this isn't something specific about MTGox, it's something we should demand from all services holding large amounts of third party Bitcoins. I wouldn't even suggest MTGox should do it first, rather— it sounds like a great move for their competition to differentiate themselves."</i><p>Here's the takeaway:<p><i>"This would leak the total holdings, and some small amount of data about the number of accounts and distribution of their funds, but far far less than all the account balances. Importantly, though— it could be implemented in a few hundred lines of python."</i><p>In case anyone from Coinbase is reading: you have a unique opportunity to be the first webwallet service to implement this, and thereby make the entire bitcoin community instantly fall in love with you. It would also set a minimum standard of quality for webwallet services in general, which would add a lot of value to the bitcoin ecosystem. It seems like this might be a pretty big business opportunity.
Say you were a shady Bitcoin banker with 5000 BTC in deposits, and you wanted to steal 1000 while still looking like you're on the up-and-up by implementing this idea.<p>First, you announce that you only have 4000 BTC in deposits. Then you build this tree, and at the very bottom layer you add a node with a -1000 balance. You pair that node with your (or a conspirator's) real node holding more than 1000 so that any node above yours (read: everyone else) sees a positive balance at every point in the tree. Everyone can verify they're in the tree, the numbers add up to what you claimed publicly, but you're now successfully running a fractional reserve! And the only way to uncover such a scheme would be to publish all of the balances for every account.<p>Am I missing something?<p>Edit for clarity: the node you pair with is your own, so that no real user sees the negative sum.
Not to discredit the very capable developers discussing this, but in the interest for giving credit where credit is due, didn't Peter Todd suggest this back in his Bitcoin 2013 presentation on off-chain transactions? I seem to remember him explaining something similar on a rooftop patio in Toronto last spring after a Bitcoin Toronto meetup.<p>EDIT: <a href="http://www.youtube.com/watch?v=4d3LA8KpdMQ#t=6m45s" rel="nofollow">http://www.youtube.com/watch?v=4d3LA8KpdMQ#t=6m45s</a>
If anyone is interesting in helping, I'm going to spend my evening trying to implement this here: <a href="https://github.com/ConceptPending/proveit" rel="nofollow">https://github.com/ConceptPending/proveit</a><p>My email is in my profile, and I'm happy to Skype chat with anyone who wants to help.
Or, just use a system like we use on Bitalo, where fractional reserves are impossible because of use of multi-signature Bitcoin addresses, which means funds are specifically tied to user wallets and exchange operators cannot use them without user's signing all transactions by himself.
At first I was worried of what would happen if the exchange introduced fake nodes with negative balances at the bottom of the tree, but there would be no way for them to hide that without the first real customer up to the root finding out (there would have to be a negative node that he/she could see). This sounds like a great idea!
The big problem with this is convincing businesses to publicize their total customer deposits, which is extremely interesting information to competitors.<p>Though it could be a good way for new/small exchanges to differentiate themselves and gain trust of the community, which could force larger and larger exchanges to do the same until it's common practice (as mentioned has happened with provably-fair gambling sites)
Fractional reserve? I don't like that. It's like building a house of cards or a ponzi scheme. You shouldn't be able to say you have 10x of the value you actually have.
What bitcoin exchanges do HN readers trust?<p>I've been using <a href="http://coinmkt.com" rel="nofollow">http://coinmkt.com</a><p>I regrettably used MtGox.com. I'm kicking myself now.
This doesn't give you a way to validate your dollar deposits. In other words a dishonest exchange operator could misappropriate your dollar deposits and this scheme wouldn't tell you anything about it.
It turns out that MtGox used all the deposits to buy Magic cards. They now have the world's most excellent cube. We all should have seen this coming.