There is more speculation today that bitcoin’s November 2013 surge and Mt. Gox’s trading volumes were built in part on fraudulent trading activity – specifically via a bot that serious traders have dubbed “Willy”.
Bitcoin’s price on Mt. Gox rocketed from around $200 in early November to its $1,236 all-time high on 4th December, exciting early adopters and causing analysts to go into fits over the cause: was it Chinese speculation on that country’s fee-free exchanges? Or perhaps a mass exodus to digital currency after its resistance to government seizure was noted during the Silk Road affair?
The ‘Willy Report‘, a one-post default-themed WordPress site, gives a detailed rundown of the suspected bots’ trading activity from around September to the end of November 2013.
The mystery traders
According to the blog’s writer, a trader who analyzed publicly-released logs from the time, trading bots ran rampant through the system under various user IDs, including one dubbed “Willy” that placed repetitive buy-only orders that always manipulated the price upward.
Another bot, dubbed “Markus”, appears to have bought and sold at completely random prices, paying zero trading fees. Both Willy and Markus were most active immediately before and during November 2013, when bitcoin’s price suddenly headed moonward.
The analysis is based on data leaked to the public on 9th March this year, which included details of all trades on Mt. Gox between April 2011 and November 2013. No data since that period is currently available, though there are anecdotal reports of activity matching that of Willy and Markus after December.
To November, the two trading entities bought a total of 570,000 BTC, enough to have an impact on price. Was bitcoin’s value in late 2013 even less inherent than sneering anti-crypto economic analysts have claimed?
Who were they?
Speculation now falls on whether the activity is the result of outside hackers gaming the system for profit (like Mt. Gox CEO Mark Karpeles’ claims) or an inside job, representing the interests of the (very) few people with access to the exchange’s innards?
Both bots were among the 500 highest-volume users on Mt. Gox, whose activities are graphed here. Willy and Markus represent the two most anomalous trading charts, #281 ‘Greater Fools’ and #15 ‘Glitch in the System’ respectively.
Markus frequently appears to spend the same low amount of money (around $15) no matter how large the trade, suggesting data in that field is misleading or non-existent.
Odd patterns in the two trading entities’ buying behaviour are compounded by suspicious details in their user registration data. Willy had only ‘??’ listed for a country code when all other accounts were identifiable. Markus’ location was listed as ‘Japan’, and both had ID numbers unusually high compared to other users’.
The Willy entity was also unaffected by Mt. Gox’s downtimes, continuing to buy between 10-20 BTC every 5-10min even at times when the exchange was non-functional to regular users, leading the blog author to conclude:
“This makes it likely the bot was being run from a local Mt. Gox server. It is not impossible that a hacker was able to install some kind of rootkit on Mt. Gox’s servers and ran the bot from there, but that seems extremely unlikely.”
The anonymous author of Willy Report does not give much credit to the external hacker theory. Willy’s balance is absent from the balance summary leaked at the time of Gox’s collapse in February, and Markus’ is only 20 BTC. There do not appear to be any withdrawals to match the large trades.
Details of Markus’ activity is curiously corrected in a separate, anonymized version of Mt. Gox’s trade data from April 2013 that matched the leaked version in every other way. The entity’s ID number also appears in that version as ‘634’ – the ID connected to Mark Karpeles.
Suspected manipulative trading activity on Mt. Gox had been a discussion point among serious traders watching the exchange even back in 2013, and was apparently confirmed once the trade data was leaked.
The Willy Report author also suggests signs of suspicious activity in the lead up to bitcoin’s first mainstream attention-grabbing run, in April 2013.
Once again, dark clouds have gathered, not around the bitcoin network itself but around the centralized gateways guarding the on- and off-ramps between it and the legacy financial system.
Such businesses have operated mostly off the block chain and are inherently trust-based, functioning effectively as unofficial and uninsured banks. With developers and executives from the technology world rather than the financial, they have been accused of everything from incompetence to malice before their funds simply vanish – often along with the businesses’ owners.
A trustless crypto-based payment system still relies heavily on trusted supports. More often than not, these ‘trusted supports’ are unregulated, hence they attract unscrupulous traders and speculators.
Those in the pro-regulation camp point to the inherent weakness of unregulated exchanges as one of the biggest problems facing bitcoin, but regulation remains a controversial topic in the bitcoin community and there is no clear consensus on what should or could be done to stamp out abuse.
Disclosure Read More
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.