Troubled Bitcoin exchange MtGox was reportedly attacked 150,000 times per second by hackers in the days leading up to its collapse last month.The Tokyo-based exchange, which filed for bankruptcy protection in February, was hit with crippling distributed denial-of-service (DDoS) attacks, according to the Yomiuri Shimbun newspaper.During DDoS attacks, hackers take control of multiple computers to send a flood of data to the target, causing servers to crash and making websites unavailable.Lawyers for MtGox said that during the attacks, which lasted for several days, 750,000 Bitcoins belonging to customers were stolen, worth an estimated $575m (£344m).Unlike traditional currencies, which are backed by central banks, Bitcoin is created by complex interactions between a large network of computers across the globe.Janet Yellen, head of the US Federal Reserve, said that it has no control over virtual currencies which are not backed by any central authorities.Several countries, such as Russia and China, have placed heavy restrictions on how Bitcoin can be used.

MtGox was founded in 2010 by programmer Jed McCaleb, who sold the company to Tibanne Co.It became the world’s largest marketplace for Bitcoins, handling an estimated 80pc of all transactions of the digital currency.Last week, more than 400 people signalled that they would join a class action lawsuit against MtGox, according to British law firm Selachii.It is the latest effort to try to reclaim some of the hundreds of thousands of lost Bitcoins from the exchange.Richard Howlett, co-founder of Selachii, said: “On the back of the MtGox collapse, a lot of people say they feel the truth is not being stated.” Mark Karpeles, chief executive of MtGox, apologised for the collapse at a news conference earlier this month, blaming a “weakness in our system”, but predicted that the market will grow.Bitcoin pricings have been firing on all cylinders since the beginning of 2017, which drove it past the $1,100 mark on February 21, 2017 - the highest in more than three years.Notably, its value beat the $900 mark in late December for the first time since February 2014.

In mid-2015, the currency was at around $200 (read: Explaining Bitcoin and Crypto Currency).We are yet to have an ETF on this cryptocurrency.Winklevoss Bitcoin Trust has filed for one to make it easy for investors to bet on this soaring digital currency.The reason behind this surge is supposed to be investors' wagers on an approval of Winklevoss Bitcoin Trust ETF (Pending:COIN) by the SEC.bitcoin feb 2014The fund is expected to hit the market in March 2017, if it receives a go-ahead from the SEC (read: 6 ETF Trends Likely to Take Centre Stage in 2017).bitcoin rate today in indiaBitcoins are 'mined' by using a greater amount of computer processing power.eclipsetrader bitcoinHowever, since there is a fixed amount of bitcoins, as the limit is reached, it becomes hard to 'mine' for the coins.

The best part of this system is that it is beyond the reach of central banks.As per CNBC, "bitcoin is a very volatile asset" but doesn't have a strong correlation with other asset classes.Bourgeoning trading volumes in China, bitcoin's largest market, has favored the price.As Chinese investors wanted to shield their portfolio from a depreciating yuan, they bet big on bitcoin, driving the currency to double in 2016.Moreover, trading volumes in China have been solid with the government taking proactive measures against illegal money transfer.As per an article published on CNBC, Bitcoin is emerging as a safe haven asset like gold.The SPDR Gold Trust ETF (NYSEARCA:GLD) rallied considerably in the first half of 2016.As per an analyst, "the cryptocurrency could be referred to as digital gold, as it shares many of the characteristics that makes the precious metal a great store of value."As a result, in 2016, when Chinese shares witnessed a tumultuous run, bitcoin prices scaled higher.India's demonetization in November 2016 also gave a boost to bitcoin trading volumes.

The currency is also being fast accepted by big corporate houses.How Strong Are the Chances of a SEC Approval?Thanks to the less-explored nature and solid fundamentals, investors expect an approval of the first bitcoin ETF in 2017.However, a bitcoin analyst at Needham & Co.has expressed doubts over the SEC approval.If approved, the fund can rake in about $300 million in institutional wealth within the first week of launch.According to the betting probability, COIN has about a 36% chance of receiving a SEC approval.The tussle between the U.S.Securities Exchange Commission and Winklevoss over the launch has been going on for about three years.In fact, the issuer has restructured the proposals for the Bitcoin ETF multiple times.While the first ETF is yet to gain approval, other issuers filed for their products on this currency.SolidX Partners sought SEC approval last July for its bitcoin ETF, SolidX Bitcoin Trust, which also would be listed on the NYSE.In January, Grayscale Investments filed to list its own Bitcoin Investment Trust on the NYSE.

Now it is to be seen if the proposed fund makes it to the market, braving several risk factors including security concerns, "usage in illicit activity and anti-money laundering issues."NOTICE: This document is a work in progress and is not complete, implemented, or otherwise suitable for deployment.Abstract This document specifies proposed changes to the Bitcoin transaction validity rules in order to make malleability of transactions impossible (at least when the sender doesn't choose to avoid it).Copyright This BIP is licensed under the 2-clause BSD license.Motivation As of february 2014, Bitcoin transactions are malleable in multiple ways.This means a (valid) transaction can be modified in-flight, without invalidating it, but without access to the relevant private keys.This is a problem for multiple reasons: The sender may not recognize his own transaction after being modified.The sender may create transactions that spend change created by the original transaction.

In case the modified transaction gets mined, this becomes invalid.Modified transactions are effectively double-spends which can be created without malicious intent (of the sender), but can be used to make other attacks easier.Several sources of malleability are known: Non-DER encoded ECDSA signatures Right now, the Bitcoin reference client uses OpenSSL to validate signatures.As OpenSSL accepts more than serializations that strictly adhere to the DER standard, this is a source of malleability.Since v0.8.0, non-DER signatures are no longer relayed already.Non-push operations in scriptSig Any sequence of script operations in scriptSig that results in the intended data pushes, but is not just a push of that data, results in an alternative transaction with the same validity.Push operations in scriptSig of non-standard size type The Bitcoin scripting language has several push operators (OP_0, single-byte pushes, data pushes of up to 75 bytes, OP_PUSHDATA1, OP_PUSHDATA2, OP_PUSHDATA4).As the later ones have the same result as the former ones, they result in additional possibilities.Zero-padded number pushes In cases where scriptPubKey opcodes use inputs that are interpreted as numbers, they can be zero padded.Inherent ECDSA signature malleability ECDSA signatures themselves are already malleable: taking the negative of the number S inside (modulo the curve order) does not invalidate it.Superfluous scriptSig operations Adding extra data pushes at the start of scripts, which are not consumed by the corresponding scriptPubKey, is also a source of malleability.Inputs ignored by scripts If a scriptPubKey starts with an OP_DROP, for example, the last data push of the corresponding scriptSig will always be ignored.Sighash flags based masking Sighash flags can be used to ignore certain parts of a script when signing.New signatures by the sender The sender (or anyone with access to the relevant private keys) is always able to create new signatures that spend the same inputs to the same outputs.

The first six and part of the seventh can be fixed by extra consensus rules, but the last two can't.Not being able to fix #7 means that even with these new consensus rules, it will always be possible to create outputs whose spending transactions will all be malleable.However, when restricted to using a safe set of output scripts, extra consensus rules can make spending transactions optionally non-malleable (if the spender chooses to; as he can always bypass #8 and #9 himself).Specification New rules Seven extra rules are introduced, to combat exactly the seven first sources of malleability listed above: Canonically encoded ECDSA signatures An ECDSA signature passed to OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKMULTISIG or OP_CHECKMULTISIGVERIFY must be encoded using strict DER encoding.To provide a compact way to deliberately create an invalid signature for OP_CHECKSIG and OP_CHECKMULTISIG, an empty byte array (i.e., the result of OP_0) is also allowed.Doing a verification with a non-DER signature makes the entire script evaluate to False (not just the signature verification).

See reference: DER encoding.Non-push operations in scriptSig Only data pushes are allowed in scriptSig.Evaluating any other operation makes the script evaluate to false.See reference: Push operators.Push operations in scriptSig of non-standard size type The smallest possible push operation must be used when possible.Pushing data using an operation that could be encoded in a shorter way makes the script evaluate to false.See reference: Push operators.Zero-padded number pushes Any time a script opcode consumes a stack value that is interpreted as a number, it must be encoded in its shortest possible form.'Negative zero' is not allowed.See reference: Numbers.Inherent ECDSA signature malleability We require that the S value inside ECDSA signatures is at most the curve order divided by 2 (essentially restricting this value to its lower half range).See reference: Low S values in signatures.Superfluous scriptSig operations scriptPubKey evaluation will be required to result in a single non-zero value.

If any extra data elements remain on the stack, the script evaluates to false.Inputs ignored by scripts The (unnecessary) extra stack element consumed by OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY must be the empty byte array (the result of OP_0).Anything else makes the script evaluate to false.Block validity To introduce these new rules in the network, we add both v3 blocks and v3 transactions.v2 is skipped for transactions to keep the version numbers between transaction and block rules in sync.v2 transactions are treated identically to v1 transactions.The same mechanism as in BIP 0034 is used to introduce v3 blocks.When 75% of the past 1000 blocks are v3, a new consensus rule is activated: All transactions in v3 blocks are required to follow rules #1-#2.v3 (and higher) transactions in v3 blocks are required to follow rules #3-#7 as well.When 95% of the past 1000 blocks are v3 or higher, v2 blocks become invalid entirely.Note however that v1 (and v2) transactions remain valid forever.

References Below is a summary of the effects on signatures, their encoding and data pushes.Low S values in signatures The value S in signatures must be between 0x1 and 0x7FFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 5D576E73 57A4501D DFE92F46 681B20A0 (inclusive).If S is too high, simply replace it by S' = 0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 - S. Signatures produced by the OpenSSL library are not guaranteed to be consistent with this constraint.Version 0.9.3 of the reference client provides an example for detection and correction.The constraints on the value R are unchanged w.r.t.ECDSA, and values can be between 0x1 and 0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364140 (inclusive).DER encoding For reference, here is how to encode signatures correctly in DER format.0x30 [total-length] 0x02 [R-length] [R] 0x02 [S-length] [S] [sighash-type] total-length: 1-byte length descriptor of everything that follows, excluding the sighash byte.R-length: 1-byte length descriptor of the R value that follows.R: arbitrary-length big-endian encoded R value.

It cannot start with any 0x00 bytes, unless the first byte that follows is 0x80 or higher, in which case a single 0x00 is required.S-length: 1-byte length descriptor of the S value that follows.S: arbitrary-length big-endian encoded S value.The same rules apply as for R.sighash-type: 1-byte hashtype flag (only 0x01, 0x02, 0x03, 0x81, 0x82 and 0x83 are allowed).This is already enforced by the reference client as of version 0.8.0 (only as relay policy, not as a consensus rule).This rule, combined with the low S requirement above, results in S-length being at most 32 (and R-length at most 33), and the total signature size being at most 72 bytes (and on average 71.494 bytes).Push operators Pushing an empty byte sequence must use OP_0.Pushing a 1-byte sequence of byte 0x01 through 0x10 must use OP_n.Pushing the byte 0x81 must use OP_1NEGATE.Pushing any other byte sequence up to 75 bytes must use the normal data push (opcode byte n, with n the number of bytes, followed n bytes of data being pushed).Pushing 76 to 255 bytes must use OP_PUSHDATA1.Pushing 256 to 520 bytes must use OP_PUSHDATA2.OP_PUSHDATA4 can never be used, as pushes over 520 bytes are not allowed, and those below can be done using other operators.Any other operation is not considered to be a push.

Numbers The native data type of stack elements is byte arrays, but some operations interpret arguments as integers.The used encoding is little endian with an explicit sign bit (the highest bit of the last byte).The shortest encodings for numbers are (with the range boundaries encodings given in hex between ()).0: OP_0; (00)1..16: OP_1..OP_16; (51)..(60)-1:OP_1NEGATE; (79)-127..-2 and 17..127: normal 1-byte data push; (01 FF)..(0182) and (01 11)..(017F)-32767..-128 and 128..32767: normal 2-byte data push; (02 FF FF)..(0280 80) and (02 80 00)..(02FF 7F)-8388607..-32768 and 32768..8388607: normal 3-byte data push; (03 FF FF FF)..(0300 80 80) and (03 00 80 00)..(03FF FF 7F)-2147483647..-8388608 and 8388608..2147483647: normal 4-byte data push; (04 FF FF FF FF)..(0400 00 80 80) and (04 00 00 80 00)..(04FF FF FF 7F)Any other numbers cannot be encoded.In particular, note that zero could be encoded as (01 80) (negative zero) if using the non-shortest form is allowed.Compatibility Relay of transactions A new node software version is released which makes v3 transactions standard, and relays them when their scriptSigs satisfy the above rules.